On Sun, 27 Dec 2009 23:34:47 +0100 Ansgar Wiechers <li...@planetcobalt.net> wrote:
> On 2009-12-27 John Peach wrote: > > On Sun, 27 Dec 2009 20:22:33 +0100 Ansgar Wiechers wrote: > >> On 2009-12-26 Stan Hoeppner wrote: > >>> I'll add that just about everyone disables VRFY these days to > >>> prevent valid address harvesting, > >> > >> Which, of course, is utterly pointless. > >> > >> HELO example.org > >> MAIL FROM:<pr...@example.org> > >> RCPT TO:<address_to_be_verif...@example.net> > >> QUIT > > > > wrong. > > > > there is a world of difference between; > > > > 502 5.5.1 VRFY command is disabled > > > > and > > > > 250 2.1.5 Ok > > > > or > > > > 550 5.1.1 <redacted> Recipient address rejected > > Perhaps I'm missing something, but I fail to see the big difference when > it comes to address verification. Regardless of whether you use VRFY or > MAIL FROM/RCPT TO/QUIT, if the address is invalid the response will be > > 550 5.1.1 <address_to_be_verif...@example.net>: Recipient address rejected > > If it isn't, the address can be considered verified. Unless, of course, > the server produces backscatter. Which it shouldn't. No it is not. 502 5.5.1 VRFY command is disabled just tells you that VRFY has been disabled; not the validity of the address. -- John
