Milter-greylist

On Mon, Mar 14, 2005 at 12:25:57PM -0500, Uriel Wittenberg wrote:
> >Because at that time, you accepted the message, and the only way to send a 
> >notification is to trust the sender address. And you know this is forged 
> >most of the time.
> 
> ??
> 
> I thought the point of sending a notification to a black-listed sender was 
> to warn him in case he's actually LEGIT. If the sender address is forged, 
> why do you give a damn about notification??

You can't know if it's forget or not without trying to send a message. 
This is why most of the time filtering at the SMTP connexion time is
prefered. The key point with filtering at the SMTP transaction level is 
that you are not responsible for the notification: you refuse the message 
and the sender shall do it. If the sender is legitimate it will do it, if 
it's a spammer it won't because he's not here for sending DSN but for
spamming.

-- 
Emmanuel Dreyfus
manu@...