> From: "Robert G. Brown" <rgb@xxxxxxxxxxxx> > ... > If a message comes in incorrectly addressed, yes, it will bounce. It > should, shouldn't it? This has nothing to do with whether or not it is > spam or a virus or any other kind of message. If it is a bad thing, it > is a very fundamental bad thing... > ... If the envelope sender was forged as is common in spam, universal in worms, and practically nonexistent in legitimate mail, then your bounce will afflict third party's mailbox. My mailbox receives enough worm bounces to make me say it is an awfully bad thing. The only fix is to have your external MX servers know all valid addresses and so reject junk before it can be accepted and later need to be bounced. That fix is often impractical or impolitic. No, SPF, RMX, TOES, etc. etc. etc. cannot fix this problem unless you assume frictions (deployment resistence and delays) do not exist or you discard SMTP design goals including transporting messages among complete strangers. People who know each other's crypto keys are not strangers. If you could someday trust organizations to vouch for strangers and not sell spam-for-a-day certs to Ralsky/Ricther/&co, then today you could trust the same outfits to not sell spam-for-a-day/week/years IP bandwidth accounts. Vernon Schryver vjs@xxxxxxxxxxxx