G.W. Haywood wrote: > On the point about accepting and then rejecting, no, you misunderstand > the SMTP conversation. It is perfectly possible to read an entire mail > message and yet still reject it.
Presuming you mean the message is read up to the final cr.cr, this is true. It is the last decision point for accepting or rejecting the message. That is the point at which delivery responsibility changes from the sending MTA to the recipient MTA. It is also possible the sending system will send the final cr.cr and drop the connection before receiving the status - spammers have no use for the status. But it's worth knowing what happens with the message and your MTA when the connection is dropped at that instant. Beyond that, some MTAs will accept responsibility for message handling and then later discover it is not deliverable. They then send an NDR to the From: address which can be any random string that looks like an email address. Often it is a real address with an active mail box and so that is where the NDR goes. This is allowed by the RFCs but is incredibly stupid to allow. The problem is often a matter of the secondary not having a current (or any) list if valid users. This even happens when the primary is not privy to the valid user base but simply throws incoming mail to an Exchange server inside the firewall. It can also happen when multiple MX servers for a domain have dissimilar filtering, for example. The secondary with weaker filtering accepts the message and delivers it to the primary which rejects it. The secondary still has the delivery responsibility and is compelled to send an NDR to the original sender so somebody's granny gets spammed. Back to the original discussion - nothing I've read has convinced me that using 5xx codes is anything but a good idea, and it allows me to focus on problems in my own part of the net and more importantly to ignore problems others are having because they are too altruistic, or too misconfigured. dp _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml