On 2022-08-13 19:09:26 -0400, joe a wrote:
> On 8/13/2022 4:52 PM, Vincent Lefevre wrote:
> > Well, if you don't reject the mail with the reason that the address
> > is invalid, the spammer could deduce that the address is valid
> > (at least potentially valid). By not rejecting spam, the spammer
> > could think that the spam arrived at its destination and would
> > validate the address.
>
> Rejecting mail for an invalid recipient was not my concern. In the case of
> an invalid email address is certainly proper to inform the sender of that
> fact.
>
> I could even agree that informing senders of "false positives" is useful as
> well, but doing that via a "REJECT" would seem burdensome. REJECT-ing email
> that is flagged by one of the DNS RBL thingies still seems to me to be
> wasted effort and possibly counter productive.
There may be false positives. For instance, the mail server
(smarthost) of my laboratory occasionally gets flagged by RBLs
because the accounts of some users gets compromised and start
to become a spam relay. But the smarthost still sends legitimate
mail and the sender should be able to know that mail he has sent
is rejected because of the blacklists.
> Why waste your own system resources to help a scoundrel? Drop them and be
> done.
The resources of the recipient are not wasted: the only difference
is the status code returned to the sender. The resources of the
sender may be "wasted", but:
* If the message is legitimate (false positive), this allows the
sender to know that the message has not been received.
* If the message is really spam, this may waste the resources of
the spammer, but who cares...
--
Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
