On Wed, Aug 25, 2004 at 10:29:06AM +0100,
Chris Haynes <chris(_at_)harvington(_dot_)org(_dot_)uk> wrote
a message of 48 lines which said:
We are having this discussion because I assert that the introduction
of a forgery test IS fundamentally new.
Introduction of a *standard* forgery test is new. But people have been
testing incoming SMTP clients or incoming SMTP transactions or
incoming email messages for years.
Often, these tests are quite ill-advised (refusing mail from machines
without a PTR, for instance). But they exist and the bounces generated
by these tests have never created legal problems.
"Why", the courts may well ask, "did you send a message, known to
you to be forged and potentially carrying malicious content, to this
innocent child?"
You did not send it. The MTA just before you did and it was the faulty
one, for having *not* performed SenderID tests. To me, this is the
most important thing against your idea: you do not send the bounce,
someone else does.
Yes, your action (refusing the mail with 5xx) was indirectly the cause
of the bounce. But (IANAL) I do not think it can be regarded as a
liability.