On Mon, 22 Sep 2003, Doug Royer wrote: > > You do not seem to be getting the message the MTA and MUA MAY be the same > program. So NOT true. I do. Even in the same program, they are different functions. The MTA should return a bounce. You should always get a bounce, in response to an error. You should never get "no such domain" in response to typing in an email address to an MUA. > > This isn't broken. You won't send any messages because you won't get to > > the "data" command. You will get an SMTP error code. The message is never > > delivered to Verisign. > > The fact that a 3rd party knows (or can tell) that user X tried > to send email to user Y can be a violation of HIPPA security. No. Because the 3rd party didn't know that X tried to send mail to Y. The domain doesn't exist, so Y's identity has not been revealed. Only non-registered domains go to Verisign. The HIPPA argument doesn't fly at all. However, Verisign is also subject to the ECPA, and may not disclose the contents email, any more than any other communications providers can. No confidentiality (HIPPA or otherwise) is broken. I'm not sure if you are ignorant of HIPPA, the ECPA, or just fear-mongering. I guess all those people who used to say there were no laws on the internet must now be thinking "well, there ought to be". Well, they're in luck. It just happens there are laws already. --Dean