I have found this whole line of debate somewhat interesting, but it has clearly strayed from the real core question:
Who is responsible? Is it the responsibility of the sender to verify that they indeed intended to send the email? Or is it the responsibility of the recipient to verify senders? My personal opinion is that it is the latter. If I send an email to a valid address, I find it a bit offensive that they send a challenge back. Why is it my responsibility as the sender to teach another system to accept mail from me? Would it not seem a lot more appropriate for the recipient to be the one to manage this? The premise is the same, but it places the burden on the recipient to make the determination - which, imho, is where the ultimate responsibility lies. I don't utilize blacklists on our system based on the same rationale. I don't want something completely outside of my control (i.e. spamhaus, spamcop, etc) determining whether or not my email server should accept email from a particular host. While this adds some additional load to our system, I would much rather allow the filtering rules to make the determination based on content not strictly on a host address. - Skip
