On Tue, 2004-03-09 at 20:21 -0600, wayne wrote:
It is more than just "the potential". Spam is far more likely to
trigger a bounce than legitimate email.
It is definitely appropriate to say 'the potential'. What part of "only
when the primary MX host is actually down _and_ we receive mail for an
invalid user at the target domain which is not a cached negative" do you
not understand?
Using SRS on all your outgoing email is a way of protecting yourself
from people who think it is ok to send bogus bounce to innocent third
parties.
That includes everybody who I consider competent to run a mail server,
and that has been the status quo for years.
The strange thing is, you made strong objections to the SRS1
short-cutting because of the far smaller potential for abusive
bounces, but apparently, you are perfectly happy to bounce stuff
directly. I don't get it. I think both are bad.
No. I made objections to the SRS1 short-cutting because of the potential
for abusive mail getting through directly, not actual bounces.
I do think that all too many mail admins have decided that it is better
to silently drop email rather than generate a bounce.
If even one person thinks that, then it's too many. Just like those who
elect to reject all MAIL FROM:<>, these people really need to be
prevented from ever holding a position of responsibility again.
Hotmail, MSN, Yahoo, AOL, etc. are all know to silently drop large
quantities of email. This is *bad*, but this is the state of email
today. SPF, and other designated mailer systems, may be able to
change this back.
Have you evidence to support this? I received a bounce from AOL only
yesterday. Actually it was a bounce which should have been avoided,
because one of their machines accepted a mail to invaliduser(_at_)aol(_dot_)com,
then only later decided to bounce it after another of their machines
rejected it. But a bounce nonetheless.
If you think bounces are so bad, why don't you start rejecting all MAIL
FROM:<> ?
--
dwmw2