On Saturday 26 Feb 2005 07:18, Peter J. Holzer wrote:
> On 2005-02-25 22:28:32 -0700, Bryan Scott wrote:
> > Are you suggesting that you *have* to accept email from <> even if the
> > recipient doesn't exist? That sounds like a pretty gross black hole to
> > me...
>
> It would be if it was true. Of course you don't have to accept bounces
> to a non-existent address, and I don't think rfc-ignorant tests for
You're right - I went back and checked and although I was reported by someone
bouncing a faked address, it WAS the case that the ISP I was using at the
time had simply decided to stop accepting mail from <> (not great I know, but
it was one way they were foolishly attempting to limit the badwidth consumed
by spam)and that's why I moved away from the ISP and host my own mail now.
Still I did receive various nasty emails and accusations from people accusing
me of not accepting bounces - my check_goodrcptto plugin now adjusts the
message if the sender is <>
# genuine mistake or, more likely, spammers flooding us
return(DENY, "No such account - mail to $user not accepted here")
unless (not(defined($sender)) or $sender eq "");
# bounce of email form a non-existant user - recommend SPF
return(DENY, "No such account as $user - checking SPF records "
" would prevent bouncing of joe-job emails");
Not fantastic, but makes me feel better.
> Rejecting false bounces may still not be a good idea: Verifying a mail
> address is often done by connecting to the MX and sending MAIL FROM:<>
> and RCPT TO:<[EMAIL PROTECTED]>, but no DATA. This is done by
> some MTAs (e.g., Exim) and web forms. So if you reject these your users
> may not be able to send mails to some domains or enter their address on
> some web forms.
True again - I do so with the full agreement of all my users (er... me).
Cheers
--
T
