On Tue, Mar 09, 2004 at 11:39:38AM -0600, wayne wrote:
You appear to still be advocating using the MAIL FROM address to send
bounces to. As a result, you are advocating abusing innocent third
parties.
Excuse me but I must be missing something here.
If SPF validated the envelope sender, why would I risk sending bounces
to innocent third parties? Bounces are not evil per se.
I can
-1- receive a message, adding a flag to its headers stating the SPF status
-2- scan the message after receiving it (SA, virusscanner)
-3- store the message for a couple of days (store and forward system)
-4- find that I cannot/should not deliver the message to the final
destination because it contains bad content (-2-) or because the
user does not pick up its mail (-3-)
-5- check the SPF status flag and
-5a- decide to send a bounce (for SPF passed messages)
-5b- decide to drop (for SPF failed, SPF unsure)
If people want to receive bounces, hey, implement SPF and make sure it
is setup properly.
cheers,
Alex
--
begin sig
http://www.googlism.com/index.htm?ism=alex+van+den+bogaerdt&type=1
This message was produced without any <iframe tags