In <20040219172138(_dot_)GH26033(_at_)csi(_dot_)hu>
mw-list-spf-discuss(_at_)csi(_dot_)hu writes:
I just picked up the address
SRS0=HHHHHHHH=TT=wooledge(_dot_)org(_at_)_?üId?ûVª|?ÓÔ??? from a mailing
list archive, so I send [via a bounce]
First off, most mailing lists use VERP and do not pass on the original
envelope from. Therefore, you wouldn't be able to pick up that
address.
Second, that address will only work for a matter of days. It has
var less value to spammers than most other addresses.
Third, if this kind of thing ever becomes a problem, you can reject
all the bounces after the first one. This will require you to
maintain a database, but such is life.
Fourth, there is nothing you can do to positively eliminate all bogus
bounces in all cases, while still accepting legitimate ones. If the
system you sent the email to publishes every detail of the email you
sent them, then there is no way to distinguish a legitimate bounce
from a spammer.
The solution to this problem is to not send email to places that don't
handle email responsibly. (Such as mailing lists that don't use
VERP.)
-wayne