Prev: address rewriting for remote clients
Next: Rejecting invalid email addresses with SMTP relay/forward
From: John Peach on 27 Dec 2009 19:42
On Mon, 28 Dec 2009 00:39:35 +0100
Ansgar Wiechers <lists(a)planetcobalt.net> wrote:

> On 2009-12-27 John Peach wrote:
> > On Sun, 27 Dec 2009 23:34:47 +0100 Ansgar Wiechers wrote:
> >> Perhaps I'm missing something, but I fail to see the big difference
> >> when it comes to address verification. Regardless of whether you use
> >> VRFY or MAIL FROM/RCPT TO/QUIT, if the address is invalid the
> >> response will be
> >>
> >> 550 5.1.1 <address_to_be_verified(a)example.net>: Recipient address rejected
> >>
> >> If it isn't, the address can be considered verified. Unless, of
> >> course, the server produces backscatter. Which it shouldn't.
> >
> > No it is not.
> >
> > 502 5.5.1 VRFY command is disabled
> >
> > just tells you that VRFY has been disabled; not the validity of the
> > address.
>
> You're missing the point. When you find that VRFY is disabled, you'd
> simply use
>
> MAIL FROM:<a(a)example.com>
> RCPT TO:<address_to_be_verified(a)example.net>
> QUIT
>
> instead of VRFY.
>
> If the server doesn't produce backscatter (i.e. accepts first, bounces
> later), the result of the above sequence will tell you whether or not
> <address_to_be_verified(a)example.net> is valid.

I'm not missing the point - simply explaining why most sites disable
VRFY and that it is not the same as mail from:; rcpt to:
Admittedly, it makes very little difference these days, but in the late
90s/early 2000s it was one tool in the box.

--
John

First  |  Prev  | 
Pages: 1 2 3 4 5
Prev: address rewriting for remote clients
Next: Rejecting invalid email addresses with SMTP relay/forward