RFC-2505 (BCP-30) talks about which return codes to use, among other things. Not a direct hit, perhaps. RFC-1891 (DSNs) may also have something.
You want an RFC-lawyer. Given another hour or so, I could probably come up with the necessary citation, either in the RFCs themselves or in other suitably authoritative-sounding sources. But my pro-bono time has run out for today. :-)
Or you could just ask Eric.
ahead) If I send an email to [EMAIL PROTECTED] and spoof the Mail From as [EMAIL PROTECTED] to an Exchange Server setup in this manor, the Exchange server will bounce an email to the [EMAIL PROTECTED] While this is all fine and dandy, if a person(s) decides to use this as a mailbomb method and exploit this, its rather simple to do. So, in short I am aguing that 1> Mail destine for a domain not handled should be 550 Denied. 2> None Delivery Reports should only be sent for Domains Handled. 3> That a Firewall should not be doing Domain checking for SMTPWhat I am at a loss for is RFCs that explicitly state this, that is NDR for other domains, and accepting for other domains.
