At 10:04 PM 7/28/2004 +0200, Markus Stumpf wrote:
I think it will take a really long time before the first virus or
worm will be rejected at SMTP level because of SPF or any similar
method and if it can't be caught before the DATA command it doesn't
make a difference, because then the message will be received and it
is probably cheaper to let the virus scanner catch it instead of
cruising the DNS, collect records and feed all this to a spam filter
for evaluation that classifies it then to a "maybe spam" folder, IF
the sender domain has deployed SPF or similar methods at all.
The message isn't accepted until the DATA command is accepted, at the end of
the message. While the receiving domain has to provide bandwidth to receive at
least part of the message, it can still reject the message (and doesn't have to
provide storage for it) any time before the "OK". It can, potentially, tear
down the TCP connection after receiving the relevant headers if it wants.