Ansgar Wiechers:
> On 2013-06-19 Jeroen Geilman wrote:
> >>> Zitat von Andreas Kasenides <andr...@cymail.eu>:
> >>>> Out: 250-VRFY
> >
> > You really don't want to enable VRFY on a public mailserver; it only
> > enables more spammers to abuse you.
> > Set 'disable_vrfy_command = yes' in main.cf to globally disable it.
>
> Not really. Aside the fact that there are other ways to verify an
> address, I get a single VRFY every other month on my mail server.
>
> In my experience most spammers don't actually care if an address is
> valid or not and blindly throw their crap at everything that looks at
> least remotely like a mail address.
I agree. Technically, VRFY is implemented as RCPT TO without all
the baggage of a mail transaction. The difference is that
smtpd_client_recipient_rate_limit does not apply to VRFY, but that
is easily fixed (I just copied some code from the RCPT TO handler).
Wietse
