On Thursday 19 February 2004 15:08, Hector Santos wrote:
With a SPF pass result, SMTP can not confidently make a decision to reject
the message (which like you said, could be spam). But it must move on to
the next step and if there is no other testing to be performed at the
protocol, then you accept it and let so post validation or mail filter
system take control.
This form of post validation operation is what the SORBIG-generation email
viruses feeds on. They love systems that is going to try to bounce mail.
If you reject at the protocol level, you have no bounce. That is a major
big difference.
You can treat the return-path as 100% valid if SPF passes.
If you subsequently wish to bounce the mail for any reason, that is OK since
you know you are not bouncing to a joe-jobbed address.