On Thu, 2006-02-16 at 20:31 +1300, Craig Whitmore wrote:
Quite a number of email servers use callbacks
[...]
This would fix calls backs
I've read through this thread multiple times, but I still can't see the
actual problem you're trying to address.
If an MTA does callback verification of incoming messages' MAIL FROMs to
make sure that each one is a valid MAIL FROM address, by doing a CBV
test of querying with a pretend-to-be-a-bounce "MAIL FROM:<>", well,
that makes sense. (I do that in fact.)
If you're saying that some MTA's try to do an equivalent of a VRFY
command by doing the same sort of CBV's (with "MAIL FROM:<>") on
*outgoing* messages to verify RCPT TO: addresses, then that's just
obviously completely wrong (1)--but they could still do the same type of
test with a real address--simulating the sending of an new message
instead of simulating the sending of a bounce.
So where does any advantage come in by delaying the acceptance of a
bounce/message test/not-test until after DATA?
(1) For instance, "user(_at_)example(_dot_)com" might be a valid address
to send mail to, but if example.com does SES it might not
be valid address to send bounces to, so CBV tests querying
via "MAIL FROM:<>", "RCPT TO:<user(_at_)example(_dot_)com>" should
obviously fail, even though a test of
"MAIL FROM:<user(_at_)other(_dot_)example(_dot_)com",
"RCPT TO:<user(_at_)example(_dot_)com> should succeed.
--
Mark Shewmaker
mark(_at_)primefactor(_dot_)com
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com