How so? The owner of the forged e-mail address would still receive a bounce message (from the MTA this time).
The bounce would come from the upstream server, not the TMDA server. If the upstream server is an open-relay and the bounce goes to a forged address, the open-relay's postmaster would be responsible for sending it to the forged address, not the administer of the TMDA server.
From http://www.jfitz.com/qmail-localfilter/index.html:
"The good thing about having your server reject the message (with an SMTP 550 code, not a bounce) is twofold:
- Spammers may eventually take you off their lists. Most spam comes directly from spammers' own machines, or machines they have hijacked, so they do register the 550's - and it is wasting their time and bandwidth too.
- If you block a message from a legitimate sender, their own mailserver will send them a failure notification, (which is probably better than having it look like you are ignoring your friends).
None of this would apply if you were filtering after the mail has been queued. In this case you really would be generating the bounce, and the best information that could be used to send the bounce would be the return-path. In this situation, you probably would do best to swallow the mail and say no more."
Challenging messages at the SMTP levels also avoids additional delays in sending the challenge resulting from potentially large backlogged queues on TMDA servers.
--
James Thornton _____________________________________________ Internet Consultant, http://jamesthornton.com
_____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
