> > From: Keith Moore <moore@cs.utk.edu> > > > ... > > > That is the same sort of reasoning that spammers use to justify > > > their activities. > > > > it's also the same sort of reasoning that you used to justify > > sending this mail to the IETF list. > > You know that is a false statement. it's as true as your statement was, and for the same reason. > You know that subscribers to this > list ask to receive all of the good stuff with the drivel, except for > the out-right spam and the messages from banned individuals. You also > know that no one asks to have their SMTP servers do a useless cycle > in addition to receiving an auto-response. they don't ask to have their DNS servers queried either. nor do they ask to have their SYNs ACKed. actually very few users try to specify how a service should be implemented, they just want it to work well. > > > - bounces would not bog down your mail servers, since you can discard > > > or otherwise deal with bounces with no more "bogging" than you are > > > spending poking at other people's systems. > > > > for a variety of reasons, that's simply not true for the cases where > > I'm using it. > > How did I guess you would see things that way? It is, of course, > nonsense, because you could arrange to not receive any bounces just > as some spammers do. I *want* to receive some kinds of bounces, because they give me clues about how well the system is working. But I see absolutely no reason to send large files to people who don't supply a valid return address, nor to do database searches for them, nor to try to process commands that they send to a command interpreter. > > > (Many spammers want to receive bounces to clean their > > > lists, because some big ISPs and others automatically black-list > > > SMTP clients after they've sent to too many bad addresses.) > > > > perhaps, but even the spammers who clean their recipient lists don't > > necessarily use valid return addresses, and it's the return addresses > > that I'm checking. > > That's nonsense that you would see as such if you were not stuck > on rationalizing that which you know is dubious. Spamemrs who want > bounces to clean their lists do indeed use valid return addresses. You must get spam from different folks than I do, then. If the spammers use SMTP RCPT to cull bad addresses from their lists I'm not at all surprised, but most of the spam I see still comes from people who want to hide their tracks for the actual spam. > > > - a mechanism that could really determine that addresses are valid > > > could be useful in a web page to provide immediate feedback to > > > users. The reality of MX servers, firewalls, sendmail "catch-all" > > > maps, and other things make the RCPT command too unreliable to use > > > for that purpose. > > > > BS. a simple syntax check isn't perfect either, but it's useful to > > catch some errors. this catches some more errors, without exhibiting > > false positives. it also has a cost, which is why I haven't > > recommended it for general use. but that doesn't mean it is useless. > > Charges of "BS" from someone who admits never having measure the > effectiveness of the mechanism are ironic. No, you're trying to insist that I define "effectiveness" in your terms. Keith