At 3:39 PM -0500 11/28/03, Yakov Shafranovich wrote:
Hector Santos wrote:
YAHOO.COM, AOL.OCM and others accepts "billions" of mail therefore might
deem it necessary to delay any mail validation process. Again, it does not
mean it doesn't work. It means, these guys are the PROBLEM, but anyone in
the mail server business knows that. You are comparing it against the
AOL.COM, YAHOO.COM, etc. Yet, in the same breath, I read how these guys
are trying to define or hijack your efforts.
There is a reason to their madness - it discourages spammers from
harvesting email addresses. Also, nothing prevents the spammers from
doing the same thing for their domains.
Such behavior is also not restricted to large consumer/recreational
ISP-like mail systems. Many corporate mail systems have exterior SMTP
faces that live on machines with no knowledge of the interior
environment except how to get mail to it. The outside bastion mail
servers deal with basic filtering, but have no way to know whether a
particular address is valid or not. This is a simple security issue:
machines with exterior exposure are not allowed to carry or even
query confidential databases like the list of valid user names.
There are arguments on all sides of this sort of configuration, but
no amount of recommendation by an I[RE]TF body will change it.
--
Bill Cole
bill(_at_)scconsult(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg