On Wed, Aug 25, 2004 at 12:48:51PM +0100,
Graham Murray <graham(_at_)webwayone(_dot_)co(_dot_)uk> wrote
a message of 23 lines which said:
But what would be completely unacceptable would be for the SMTP
transaction to accept a mail, perform (either at SMTP time or
subsequently) Sender-ID (or SPF, Domainkeys, or other) checks which
show the mail to be a forgery and then send a bounce (to the known
forged address) for any reason.
I agree. It would be completely unacceptable. Almost every anti-virus
server software in use does it, nevertheless :-)
I believe that, unfortunately, some MTAs do accept all emails and
only subsequently check that the recipient mailbox is valid,
Postfix does it by default. Also, every MTA does it if you have a
front-end MTA in the DMZ which accepts everything before giving it to
the "real" MTA. So, these "late bounces" are a fact of life and we
have to live with it.
Giving the amount of bounces I already receive for mail which I've
never sent (and this is before Sender-ID deployment), I have little
sympathy for Chris Haynes' concerns.