On Wed, 2005-07-06 at 17:36 +0200, Hannah Schroeter wrote:
Makes some sense, though, they're bogus and should be fixed (IIRC,
postfix is one of the more popular ones among them :-( ).
Nevertheless, one has to err on the side of caution. It's better to
accept the odd fake than to reject the odd valid mail. The relative
costs of each are massively disproportionate.
Systems doing SMTP verification of email addresses using MAIL FROM/RCPT
TO should differentiate and verify envelope senders with an empty own
MAIL FROM, and verify other addresses with a non-empty special MAIL
FROM (which should be valid, and have SPF unknown or pass, too).
-EPARSE. When you say 'verify other addresses with a non-empty specia
MAIL FROM' you mean "non-reverse-path addresses' by 'other addresses'?
As in Exim's verify=header_sender? In that case yes, absolutely.
--
dwmw2