Ansgar Wiechers: > On 2013-06-19 Jeroen Geilman wrote: > >>> Zitat von Andreas Kasenides <andr...@cymail.eu>: > >>>> Out: 250-VRFY > > > > You really don't want to enable VRFY on a public mailserver; it only > > enables more spammers to abuse you. > > Set 'disable_vrfy_command = yes' in main.cf to globally disable it. > > Not really. Aside the fact that there are other ways to verify an > address, I get a single VRFY every other month on my mail server. > > In my experience most spammers don't actually care if an address is > valid or not and blindly throw their crap at everything that looks at > least remotely like a mail address.
I agree. Technically, VRFY is implemented as RCPT TO without all the baggage of a mail transaction. The difference is that smtpd_client_recipient_rate_limit does not apply to VRFY, but that is easily fixed (I just copied some code from the RCPT TO handler). Wietse