Len Conrad put forth on 12/26/2009 3:49 PM: > Requiring HELO is hardly an RFC-abusive setting. I expect almost no legit, > nor illegit, SMTP servers send EXPN or VRFY before helo,
I'll add that just about everyone disables VRFY these days to prevent valid address harvesting, so if 5321 or any other RFC requires accepting VRFY then we are all out of RFC compliance. Concentrate on the aspects of RFCs that allow you to send/receive email to/from legitimate sites. Be loose with those that impede your ability to stop spam. We've all read various places that over 90% of all email attempts/transactions are spam. The authors or the relevant SMTP RFCs did not take this fact into account last they wrote these documents. Look at the creation and last modified dates on these RFCs and you'll fully understand that they are behind the times WRT dealing with spam. -- Stan
