Auteur: Tor Slettnes Date: À: Marc Perkel CC: 'Exim User's Mailing List' Sujet: Re: [exim] Is there and logical reason to reject mail from: <> ?
On Wed, 2004-10-13 at 10:15, Marc Perkel wrote: > The idea of using <> for a from address is to prevent mail loops. I have
> a thought on a solution for sender callout verification.
Callout verifications are a mixed bag in the first place. First of all,
you only establish the validity, not the authenticity of the sender.
If I send a mail with "From: <marc@???>", you would gladly accept
that (sans other checks such as SPF).
Second of all, certain grouchy old people that live on Spam-L (and
similar habitats), consider sender callout verifications to be abuse -
i.e. you make your server a tool for distributed denial-of-service
attacks in the hands of a malicious spammer. (Suppose someone sends out
a mail to 5 million recipients with "MAIL FROM:<someone@???>").
These people normally prefer the "VRFY" command rather than the "MAIL
FROM/RCPT TO/QUIT" sequence.
Finally, maybe as a consequence of the last point, some large ISPs such
as AOL will unconditionally blacklist any sites they find to be
performing sender callout verifications against their servers.