Hi,
I especially like the "no email is dropped" part. That is one of the
main reasons why I've been involved in the SPF project. In order to
keep email as a reliable form of communication, people need to know if
their email got through or not. Too many systems have started to
silently drop email instead of bouncing because of all the forged
email. Yes, it is best if you can reject during the SMTP session
rather than bounce later, but that isn't always possible.
Our server will issue a 550 then close the connection. The reason is simple.
We have had too many DoS attacks where sites open up connections and send
repeated RCPT TOs even after the MAIL FROM failed.
There are too many zombies out there to hold connections open over low
bandwidth links to machines you know are busted.
Richard.