Peter J. Holzer wrote:
[snip]
The reason it is done this way is so rejection can be done during the
SMTP dialogue. Validation based on header From: requires first
accepting the message, with all that implies. (We've put a fair bit of
effort into making this sort of up-front validation extremely quick.)
That's not quite true. You can verify the From header and then return a
550 response after the "." terminating DATA. So you don't have to accept
the message, but you have to receive it completely before you can reject
it. I've written plugins for qpsmtpd which implement this for majordomo
and mailman mailing-lists.
well, being able to reject before reading data has its advantages. It is
also more easily implemented on say postfix (postfix header checks are
global and apply to all mail, so can't be used here).
I guess the implementation difficulty is what makes most MLs accept the
message during the smtp transaction, then "bounce" later. This could
someday lead to the same levels of backscatter we are seing these days.
<very tiny corner case>
also, while probably not a real case, what if the user sends to two
lists, while he is only subscribed to one. rejecting at RCPT TO stage
still allow mail to the subscribed to list. but I agree that this is
very tiny corner case...
</very ...>