On Tue, 2004-02-24 at 15:44 -0600, wayne wrote:
Without checking the envelope-from, you can't safely bounce email.
Bouncing email should be avoided if at all possible. As you correctly
say, without checking the SMTP reverse-path, bouncing is unsafe (i.e.
contributes to collateral damage).
But you can still _reject_ at SMTP time, without having to trust the
SMTP reverse-path. That doesn't cause a bounce assuming you're talking
to the actual sender of the spam, and not some open relay or similarly
broken host.
Caller-ID and DomainKeys both need something like SPF or SRS+callbacks
to make them safe to use.
It should be safe to use them at SMTP time in the MTA, before accepting
the mail.
--
dwmw2