On 10/13/2014 9:53 PM, Jerry Stuckle <[email protected]> wrote: > Not a grey area at all. "...dropping mail > without notification of the > sender is permitted...". As for the "...long tradition and community > expectations..." - that's nice, but according to some estimates, > spammers now account for over 90% of the email traffic on the internet.
And there are very simple ways to eliminate 90+% of that very simply (postfix+postscreen, without any additional tools), without risk of rejecting *any* legitimate email, and without *breaking SMTP*, which is what you are advocating. By adding a few simple additional tools (amavisd-new+spamassassin), you can easily deal with the remaining 9.9%... If you think I'm kidding, please by all means go make these silly statements on the postfix list and I'll just sit and watch the fun. > To bounce all of those invalid addresses not only would further > increase the amount of junk on the internet, That is pure and absolute nonsense. The vast majority of spam comes from botnets, and *rejecting* garbage from these results in ZERO additional smtp traffic. > but by not replying, servers tell the spammers what are valid email > addresses. More nonsense. Security through obscurity *never* works, and only, in this case totally breaks SMTP. > Finally, as for "...undermine confidence in the reliability of the > Internet's mail systems..." - it hasn't been reliable since spammers > virtually took over the email. And even when emails were rejected, it > still was no indication the recipient got the message. Of course it wasn't, but it was certainly a positive indication that the recipient did *not* receive it (as long as the sending server is properly configured). > There is, and never has been a reliable end-to-end verification of email > messages. Well, that at least is true. > BTW - by definition, any messages to any of the domains I manage without > a valid email address are "seriously fraudulent or otherwise inappropriate". Really? So when the President/CEO of XYZ Corporation, who does business with a customer whose domain happens to be managed by you, accidentally typos an email address, you consider that a 'seriously fraudulent or otherwise inappropriate' email? You must not have any real commercial customers, because I would imagine you would be a prime target for lawsuits for losing emails like this, as it would only be a matter of time before it was something important sent by someone important to someone else important. That said, I do have an email template I send to our users regularly explaining why/how email should never be considered 100% reliable, and if they ever send an email that has money riding on it being received, they should follow it up with a phone call to make sure it actually was received. I guess people like you are one of the reasons I have that template and need to send it out on occasion. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
