On 2009-12-27 John Peach wrote: > On Sun, 27 Dec 2009 20:22:33 +0100 Ansgar Wiechers wrote: >> On 2009-12-26 Stan Hoeppner wrote: >>> I'll add that just about everyone disables VRFY these days to >>> prevent valid address harvesting, >> >> Which, of course, is utterly pointless. >> >> HELO example.org >> MAIL FROM:<pr...@example.org> >> RCPT TO:<address_to_be_verif...@example.net> >> QUIT > > wrong. > > there is a world of difference between; > > 502 5.5.1 VRFY command is disabled > > and > > 250 2.1.5 Ok > > or > > 550 5.1.1 <redacted> Recipient address rejected
Perhaps I'm missing something, but I fail to see the big difference when it comes to address verification. Regardless of whether you use VRFY or MAIL FROM/RCPT TO/QUIT, if the address is invalid the response will be 550 5.1.1 <address_to_be_verif...@example.net>: Recipient address rejected If it isn't, the address can be considered verified. Unless, of course, the server produces backscatter. Which it shouldn't. Regards Ansgar Wiechers -- "Abstractions save us time working, but they don't save us time learning." --Joel Spolsky
