- From: David Woolley <david@djwhome.demon.co.uk>
- Date: Thu, 10 Apr 2003 21:09:26 +0100 (BST)
- To: www-html@w3.org
> I think that you are merely passing useful information, rather than > commenting on the desirability of address verification. Is my understanding > correct? I wasn't making a judgement one way or the other on whether it would be desirable in an ideal world. I was giving one reason why it would be very unreliable in a real world. Others are: - most inbound email is not handled by the machine that knows who the valid users are - I am not aware of any MTA that handles VRFY transitively - the trend is more to reject or fake it; - although end user machines could technically do MX based direct delivery++, in practice they rarely do; this can benefit the ISP, as it makes outbound spam filtering easier, and may help them comply with government regulations on recording email traffic, for crime and terrorism prevention; - about the only exception to the above rule for normal end user type systems is what might optimistically be advertised as bulk mail delivery software, but is probably better known as spamming engines, or many things unprintable; one consequence of this is that many ISPs refuse to accept any SMTP connection from an IP address that is known to be in a range used for dynamic addresses (most home users and some small businesses fall in this category); - many ISPs actually intercept attempted direct SMTP connections and handle them in their MTA (anyone using the standard configuration for one major medium to large business firewall product will suffer from the same effect); - most business IT departments would not want their desk top systems to make direct SMTP connections.... ++ Even 10 year old MS-DOS (extended) software can do this.
Received on Thursday, 10 April 2003 16:37:03 UTC