On Sat, 5 Apr 2003, J C Lawrence wrote:
On Sat, 5 Apr 2003 23:23:07 -0500
waltdnes <waltdnes(_at_)waltdnes(_dot_)org> wrote:
This, of course, implies that the internet-facing MTA will have be
able to make and carry out the decision to reject an email.
It implies rather more than that. It implies that the MUA does all the
hard work from scheduling to spooling on down as well.
The MUA could still forward to an MSA without contradicting the spirit of
the proposal.
An MSA that has some knowledge of where its messages come from, either by
SMTP AUTH or merely because it only accepts submissions from hosts it
trusts, can still relay that mail to other internet hosts without
generating DSN notices to innocent third parties.
The proposal only suggests that hosts accepting mail from *stangers*
should know if they are going to deliver that mail before they "OK" it at
the completion of the mail acceptance process. RBLs do this, most content
based screening does not, but could if it wanted too. MTAs don't usually
support this very enthusiastically.
No doubt that some mail architectures will not be able to do this. To
reject mail for non-existant users the accepting MTA will have to have
access to the user list, which is sometimes not available to the accepting
MTA in the DMZ. That would have to change. The alternatives are to stop
bouncing bad email-addresses or become a vehicle for spammers to abuse,
neither of which is very attractive.
We have gone to quite a bit of trouble to start doing Spamassassin
screening in a Sendmail Milter, rather than in the local delivery agent,
just for this reason. By refusing mail rather than dropping it on the
floor we will give senders of false positives a rejection rather than
risk losing the message entirely.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg