Chris replies to Theo:-
Checking that sender's exist (for fake emails) is only necessary when
the sender does not support SPF. For real emails - I've paid to get
it, so it's perfectly reasonable that they accept a few extra bytes
from me to help me accept it.
Checking SPF is hitting the senders DNS, so it's not cost-free anyhow
(heck - the combined costs of implementing SPF would well outweigh the
bandwidth costs from checking for legit senders anyhow)
*NOT* checking for sender existence is not free anyhow - replies &
bounces are an obvious cost, reputation destruction and phishing add
far more insidious costs.
I disagree that it could be construed as abuse. For legit emails,
it's reasonable. Anything else was originated by someone/something
with evil intent - so the abuse is from them (or from the manufacturer
of the PC they use, or from the ISP they're using, or from your
telephone company conveying their abuse to you, or from the mail
server (me) they're attacking...: in other words - it's incorrect to
pick some random person in the middle of the attack chain and call
them the abuser).