On Fri, Apr 16, 1999 at 08:48:01PM -0500, John Hasler wrote: > Same here. Bizarre, isn't it? What the hell is the point in verifying the > domain if they are going to believe whatever you tell them?
A reasonable number of mail clients will manage to set the Return-Path: for users, and quite a few systems can be set up to rewrite it. In either case, the Return-Path: won't match the originating host. Users may do this for perfectly legitimate reasons (eg, their laptop mail client is set up with the office e-mail address even when they take it home and use an ISP). You can also find that mail will be queued by a server that doesn't come from the same domain as the message sender (eg, an ISP providing an outgoing mail relay for leased line customers or an off-site MX for your system). In contrast, a large proportion of the bogus domains used by spammers don't exist at all. Rejecting nonexistant domains will catch them, but not interfere with any of the above cases. -- Mark Brown mailto:[EMAIL PROTECTED] (Trying to avoid grumpiness) http://www.tardis.ed.ac.uk/~broonie/ EUFS http://www.eusa.ed.ac.uk/societies/filmsoc/
