On Mon, May 17, 2004 at 02:26:37PM -0700, Jared B. Reimer wrote:
This is a pretty serious flaw IMHO, if it is (in fact) true. qmail isn't the only mailer that behaves this way. It looks like they may have tried to kludge their way around this with LDAP in the case of MS Exchange, which also does asynchronous bouncing of undeliverable mail IIRC.
Quite frankly, I'm at a loss as to why anyone would wish to accept and queue mail that they cannot deliver. Queuing everything just allocates disk unnecessarily and results in a lot of delayed bounce backscatter, almost always directed at a third party (in the common case of spoofed from: headers). Accepting everything simply because you don't wish to give away valid addresses doesn't work; the spam bots just jabber more loudly at you. In the past year I've had two domains joe jobbed, generating thousands of those helpful delayed bounce messages per hour for my role accounts. If, after RCPT TO, you do not have a valid destination, just refuse it. My role accounts thank you. --msa