> To clarify what the context of the statement. This was about > Exchange. There is a "catch-all" script for Exchange which I guess > is similar to our nobody alias, but on a server wide scale.
It's not a script. The (stupid) Exchange default setting -- and in old versions of Exchange, the only setting -- is to allow mail to be accepted for any recipient at a serviced domain. After the SMTP side accepts all messages, bounces are then generated, by the mailbox side of the engine, for invalid users. This behavior used to be a mandate with Exchange unless you used 3rd-party envelope-rejection software, and Microsoft made some half-arsed rationalizations of it, and that in turn led a lot of uneducated admins to learn the wrong approach. In Exchange 2003, they finally made it possible to reject invalid recipients at the envelope. But admins schooled in the old, stupid ways still think this is somehow wrong -- they don't realize how obsolete their thinking is. > He says that a mail server should never reject a connection as > invalid. Then he doesn't know anything about spam past, oh, 1996? > If I sent a message to an invalid address the server should never > let anyone know if the address is valid or not. As Len has often said, and I have always agreed, knowing a valid address should be no predictor of one's ability to get spam or viruses delivered to that address. > So in the context of the discussion Imail does reveal non-existant > email addresses which he claims should never be done. Yup, hogwash. You should be so lucky as to have IMail rejecting unknown recipients at the envelope. In a gateway config, IMail accepts all recipients at serviced domains, and that's a tremendous liability -- and that's why I created the exchange2aliases and ldap2aliases scripts in my sig, to *combat* this bad design. And apparently you've still got ignoramuses throwing FUD out there defending the bad design. --Sandy ------------------------------------ Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] SpamAssassin plugs into Declude! http://www.imprimia.com/products/software/freeutils/SPAMC32/download/release/ Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases! http://www.imprimia.com/products/software/freeutils/exchange2aliases/download/release/ http://www.imprimia.com/products/software/freeutils/ldap2aliases/download/release/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
