ietf-mxcomp

RE: DEPLOY: Creating bounces from forged messages

2004-08-24 14:54:52

Doug Otis writes in about bounces to forged messages, making the
following points:

1. Sometimes, messages get relayed from MTA to MTA to MTA before
arriving at their ultimate destination.
2. If you relay to an MTA that refuses a message, you MUST generate a
bounce.
3. If you receive a bounce from what you regard as a reputable MTA,
you'll deliver it. 

He then asks how I think SenderID will result in fewer bounces.  Here's
how:

Most forged mail is sent by specialized spam engines (including zombie
machines) directly to the internet-facing gateway machine of the
recipient.  Unlike most legitimate mail, it doesn't pass through an MTA
in the sender's organization.

When the internet-facing MTA of the recipient receives the message, it
can perform SenderID checks and refuse the message, at either MAIL
command time or end-of-data time.  In either case, the receiver doesn't
generate a bounce (because it's not his responsibility) and the spam
engine doesn't generate a bounce (because there's no value to them in
doing so).  Even if you postulated a spam engine that generated a
bounce, that bounce would generally get rejected by the same SenderID
tests.

That's how.

-- Jim Lyon
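
The argument in the message above, as a small model. This is an added illustration, not part of Jim Lyon's message: it contrasts a forged message sent directly to a checking gateway with one that passes through a relaying MTA first. The host names, the policy table and the `authorized` check are constructed stand-ins for a Sender ID style lookup.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Hop:
    name: str
    is_mta: bool                 # an MTA must bounce mail it accepted but cannot pass on
    checks_sender: bool = False  # refuses unauthorized senders during the SMTP session

# Constructed policy: hosts allowed to send mail for each domain.
POLICY = {"victim.example": {"mail.victim.example"}}

def authorized(client: str, mail_from: str) -> bool:
    """Stand-in for a Sender ID style lookup on the sending host."""
    domain = mail_from.rsplit("@", 1)[-1]
    return client in POLICY.get(domain, set())

def bounces_for(path, mail_from):
    """Pass a message along path (origin first); return [(bouncing_host, bounce_to)]."""
    for sender, receiver in zip(path, path[1:]):
        if receiver.checks_sender and not authorized(sender.name, mail_from):
            # Refused in-session: the receiver never accepted the message, so it
            # sends no bounce. Only a sending MTA that still holds it will bounce.
            return [(sender.name, mail_from)] if sender.is_mta else []
    return []  # accepted at every hop, nothing to bounce

FORGED = "alice@victim.example"  # constructed forged envelope sender
zombie = Hop("zombie.invalid", is_mta=False)
relay = Hop("relay.example", is_mta=True)
gateway = Hop("mx.recipient.example", is_mta=True, checks_sender=True)
origin = Hop("mail.victim.example", is_mta=True)

def scenarios():
    return {
        "direct_forgery": bounces_for([zombie, gateway], FORGED),
        "relayed_forgery": bounces_for([zombie, relay, gateway], FORGED),
        "legitimate": bounces_for([origin, gateway], FORGED),
    }

if __name__ == "__main__":
    for label, bounces in scenarios().items():
        print(label, bounces)
```

The relayed case is the one raised in Doug Otis's points 1 to 3: the intermediate MTA still bounces to the forged address. The direct case is the one the reply says covers most forged mail.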

