> Fine. You're responsible for delivering mail submitted to you, and > it is entirely reasonable to confirm that the entity you are > accepting it from has provided a usable address. What Postfix then > does to verify it is exactly what would be done if a message was > simply accepted without verification.
Does not take into account the matter of spam with forged headers. I didn't send that email, and you're "verifying" whether I did, doing exactly the same as Radek's woodpecker-as-a-service. No different from my perspective. [root@mail ~]# grep -i sender /etc/postfix/helo_access* /etc/postfix/helo_access:inpost.tmes.trendmicro.com REJECT Sender Address Verification is Abusive /etc/postfix/helo_access.pcre:/\.mailspamprotection\.com/ REJECT Sender Address Verification is Abusive /etc/postfix/helo_access.pcre:/\.pphosted\.com/ REJECT Sender Address Verification is Abusive And that's just some of the big names doing it. > This is a bit less clear, but I'd say that is fine because you have > every reason to believe that you are acting on behalf of the address > owner, not some 3rd party who may not have acquired the address > legitimately. This, too, can be co-opted by people who aren't your users. -- Atro Tossavainen, Founder, Partner Koli-Lõks OÜ (reg. no. 12815457, VAT ID EE101811635) Tallinn, Estonia tel. +372-5883-4269, http://www.koliloks.eu/ _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
