You already got a couple of responses but let me pile on.
On 3/10/2005 3:17 AM, [EMAIL PROTECTED] wrote: > However, I still believe it is perfectly legal to refuse mail if > - the HELO matches my own MX, or lists one of my IPs I do this too. My local networks get an immediate exception to all other filters, and all other connections are queried against an LDAP server that stores PERMIT/REJECT ACLs, with REJECT entries for my own networks. So if a remote connection gets to that point in the process and claims to be me, it's lying. Separately, I run a submission server on another port, which uses strict authentication, and doesn't use the LDAP ACLs. All my clients use the submission server, which allows them to roam. > - the MAIL FROM pretends to be one of my users I don't recommend that. There's the eBay problem, but there are also online newspapers and magazines ("send this article") that use ~your address as the envelope sender. There are some mailing groups that use aliases instead of lists, and some mailing lists don't "re-send" the message, in both cases the envelope sender doesn't get rewritten. -- Eric A. Hall http://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/