In article <CAHVBJ+=-byouu86w+vk_lme_c1maeryp2c7nw3tmsdtei5d...@mail.gmail.com> you write: >The use of IDs instead of the real original email in the return-path >may also be because of length limits. >Max length of an email address is 254 chars. If you have to insert it >"almost clear" in a return path and change the domain then there are >chance your return-path address will be more than 254 chars. >so if your original address is "a 242 ti...@example.com" how do you >add VERP to it without some sort of obfuscation?
Actually, you're more likely to hit the local-part limit of 64 first, but how many real addresses (as opposed to artificial stress tests ones) have you seen where that's a problem? I'm not opposed to using tokens but I don't see it as a security issue, just something that might save a lookup in bounce processing. R's, John _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop