On Wed, 2004-07-28 at 04:56, Andrew Newton wrote:
> On Jul 27, 2004, at 9:50 PM, Douglas Otis wrote:
> > It could if the MTA either had a valid list of users, or attempted to
> > deliver downstream to ascertain if the user was valid before
> > completing the session. The MTA only knows it will relay for a
> > domain. In the case of the backup MTA service, this 'knowledgeable'
> > server is expected to be down. As a shortcut for administration or
> > out of reluctance, lists of valid users may not be shared with some
> > MTAs relaying messages.
> Why do you need a list of valid users to do a Sender-ID check?
This could be done using a domain with no records, open records, or to a
relay MTA that opts to turn off Sender-ID channel checks. Sender-ID is
not always 100%, due to its extremely large scope. With the expense of
DNS wrenches, as a defensive posture, such checks could be postponed
until it is at least determined the mail is for a valid user. Owing to
the overhead involved, it would seem a poor assumption every point in
the MTA path enables these checks.
-Doug