On Sat, 26 Dec 2009 18:46:48 -0600 Stan Hoeppner <s...@hardwarefreak.com> replied:
>I'll add that just about everyone disables VRFY these days to prevent >valid address harvesting, so if 5321 or any other RFC requires >accepting VRFY then we are all out of RFC compliance. <QUOTE> 3.5.3. Meaning of VRFY or EXPN Success Response A server MUST NOT return a 250 code in response to a VRFY or EXPN command unless it has actually verified the address. In particular, a server MUST NOT return 250 if all it has done is to verify that the syntax given is valid. In that case, 502 (Command not implemented) or 500 (Syntax error, command unrecognized) SHOULD be returned. As stated elsewhere, implementation (in the sense of actually validating addresses and returning information) of VRFY and EXPN are strongly recommended. Hence, implementations that return 500 or 502 for VRFY are not in full compliance with this specification. </quote> That should be changed. No server should be forced, or at least encouraged to implement the 'VRFY' command. -- Jerry postfix.u...@yahoo.com TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html The absurd is the essential concept and the first truth.
