Subject: Re: Greg Woods - please fix your mailer!
To: Greg A. Woods <>
From: John Nemeth <>
List: current-users
Date: 07/06/1998 20:39:27
On Jul 6, 10:58pm, Greg A. Woods wrote:
} [ On Mon, July 6, 1998 at 20:41:21 (-0500), wrote: ]
} > In message <>, David Maxwell writes:
} > >The RFCs specifically state that an MTA MUST NOT accept a message unless
} > >it can guarantee being able to return error messages. By using a From: address
} > >with a host portion which has no MX, the mailer cannot be assured of its 
} > >ability to return errors.
} Well, as far as I know the RFCs aren't terribly specific either way on
} the exact requirements of the SMTP envelope sender address.  However
} David's conclusion is entirely correct.  RFC1123 section 5.3.3 is very
} specific about what lengths a receiving SMTP host must go to ensure that
} it will not lose a message regardless of whether or not it can be
} delivered.  This means it must ensure that the sender address is valid
} so that, as David says, errors can be reliably returned.  The only two
} ways I know to ensure in real time that an address is valid are to
} either assume it will be so because an MX record exists for the domain
} in question, or to actually try connecting to the sending host's SMTP
} port and VRFY or EXPN the sender address.  The latter is still too
} expensive and unreliable and the former is far better than nothing.

     MX records are not required.  Besides neither of your suggested
methods have any basis in reality.  I repeat, there is simply no way
to determine the deliverability of a message without actually trying
to deliver it, and that only determines the deliverability at a given
point in time.

} If you folks will pay attention to the world around you I think you'll
} find that my site, and other modern smail sites, are far from the only
} sites and mailers that are enforcing sender address verification even to
} the limit of requiring a valid MX for the sender address domain.

     Any mailer that requires an MX for the sender address domain is
majorly broken.  I really couldn't care less about them; especially,
since they represent a very small percentage of sites on the net.  I
am not going to modify my setups to compensate for other people's
deliberately broken setups.  Either fix your site, or you're SOL.

} BTW, there's little or no benefit for spam prevention in this
} verification.  Spammers are free to use the required "empty" return
} address ("<>") and many are learning to do so.  (Of course those that

     This directly contradicts the statement you made above.  You
can't send mail to the "empty" return address; therefore, if you can't
deliver the message, it will be lost.  You can't have it both ways:
allowing empty return addresses and forcing return addresses to be

} > I was under the impression that the official behavior was to use the A record
} > as an MX if there isn't an MX listed.
} Even this requirement from RFC974 (and re-enforced by RFC1123) requiring
} support for sending to hosts with only 'A' records should have been
} eliminated a decade ago.  Such nonsense is absolutely barbaric.

     I totally disagree.  If you fetch an MX record for a host that
points to itself, you're just going to turn around and fetch the A
record.  Therefore, the storage, transmittal, and processing of that
MX record is a complete waste.  BTW, you're missing an "IMHO" from
your comment.

}-- End of excerpt from Greg A. Woods