> >> Again, this completely solves the issue of forged return address
> >> bounce e-mails.
> >
> > Actually, no it doesn't.
> >
> > Let's try another ISP-as-MX scenario, this time where the company runs its
> > own mail server as primary MX, but uses the ISP's server as a secondary:
>
> Whoa... stop right there. If ISPs do this, there's a growing onus to maintain a
> "valid user" list, even without spam/virus filtering. The details are up to the ISP
> to determine - whether they hook up a scheduled feed from the customer (via, say,
> LDAP) or whether they ask the user to manage valid users via a web interface.

It's not a question of ISPs doing it, it's a fact that ISPs have been doing it for many many years. From way before spam became a problem. Changing it is not going to be pretty. Try and tell 100.000 customers that they have to maintain a valid userlist with you. It's possible (for certain interpretations of possible), but very very costly and time-consuming.

Of course it's easy when you run your little home system for you and your wife. Sure it's easy when you have 15 employees that you can force a change upon. It is not easy, not by a long shot, to change the behavior of many many customers.

It is not a question of 'changing a door'. It's a question of changing 10.000 doors, some of which you didn't even know existed, some of which baffle even you, and you run the damn system, some of which have had keys made in gold with jewels laid in, some of which have 5000 copy keys unbeknownst to you, and you need to tell the user of that door to please give everyone a new key and they don't even know who uses it. Some of these doors are used by law firms just aching to sue you.

Changing anything, even something seemingly benign, often has large implications.

Now don't think that that means ISPs don't want to fix things. ISPs have been fixing things and are fixing things. We are as we speak implementing a very large mimedefang system (50+ servers) to move more and more checks to the front door so we can reject there. But I am realistic enough to know it's never going to be 100%. There will always be noise on the line.

> But accept-everything-and-send-manual-undeliverable-reports-later is becoming less
> and less acceptable of a strategy.

Just to clarify. The person you are replying to said that it might very well be that you are accepting for a valid recipient as a secondary MX, but the primary can still reject you for totally different reasons. The secondary would then have to bounce. That's part of the noise..

How far are we from banning each and every bounce?
:) "Dear ISP, I got a bounce that my email can't be delivered, please stop! I don't want to know!" :) I give it 1 year max.

Regards,

Cor

_______________________________________________
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

