Yakov Shafranovich wrote:
See RFC 2821, section 3.1.:
---snip----
However, in practice, some servers do not perform recipient
verification until after the message text is received. These servers
SHOULD treat a failure for one or more recipients as a "subsequent
failure" and return a mail message as discussed in section 6.
---snip----
Even thought it might be recommended to do processing in real-time, in
practice many systems do not and will not. We must be take that into account.
I agree with Yakov, and would even go further. I think smtp-session
reject is falling out of favor and will eventually disappear.
There are strong reasons to prefer accept-then-bounce or even filter to
reject.
(1) Reject gives feedback about your system to would-be bad
guys--including dictionary spammers--in a much faster and more
reliable way. Sysadmins rightly want to give out as little
information as possible, because that's standard practice anywhere
security is involved.
(2) Reject is a less flexible mechanism. Accept-then-bounce or filter
allows recipients to work around certain obselete or overzealous
systems.
(3) Senders have come to understand that messages get incorrectly
filtered as spam sometimes; they no longer expect to recieve an
immediate rejection if there is a problem delivering a message.
Like ident, smtp-reject has some usefulness inside private networks, but
one shouldn't expect to see it widely used on the public Internet.
Mike
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg