Hi, I read in both the Postfix man file (man 5 postconf), and the SMTP RFC (5321), that VRFY can be disabled on a site-by-site basis.
I disabled this on my server for port 25 but am wondering if I should leave this enabled on my Postfix instance that provides submission (587) ? I have confirmed that by editing main.cf and master.cf it is only available on submission and requires SASL authentication before working. Are there modern MUA’s that authenticated users may use that make use of VRFY (perhaps by checking e-mail address validity before sending, while the message body is still being composed), or am I better off leaving it disabled everywhere ? Thanks, - J
