existenz said:
What I am not following is what address does a user get a email from?
You've still got me completely lost.
A user gets email from whomever sends it to him. In the case of spam the sender address is usually not valid and is not worth considering.
If you could specify the address that would be perfect.
How could I specify an address someone sends me mail from? I have no idea how I could begin to specify an address for a spammer to use when sending me email.
Or do you mean create a blacklist system so the whole world is forbidden, and then a whitelist system so that I could only get mail from someone if they've registered their address with me?
If the latter, then how would I know who to put in the whitelist? This is doable, and there are already some commercial services doing this; it's called challenge/response, and I'll never write it or support it except as a custom project, because I find it too restrictive and I'll never use it.
Most spammers have intelligent servers that harvest repleys from sent address. If the address returned is one they sent to they validate the address as real.
How would the spammer get an "address returned" as you put it, unless you answer their spam? Do you mean the spammer would get an address from a deliver error (which is what a block message really is)? I've already explained why spammers don't read delivery errors; it's in their interest to ignore delivery errors and focus on the email they don't get delivery errors for.
The last part is if we assume that the above is happening
What above is happening? You're writing back to the spammer? I don't see how else he's going to get what you call an "address returned". Or do you really believe that spammers take the time to harvest addresses from delivery errors? If so, then what leads you to believe that, since all it would do is give spammers a list of addresses that are known to be
no good?
and the address is not generic
What's your definition of a generic address? I have no idea what you mean.
then the problem to users is once they move to a server without features like this they could be flooded with Spam.
I'd be a bit more forceful than you; I'd say anyone who has a domain hosted somewhere without SpamBlocking will be flooded with spam, which will have to be handled in some way either automatically or manually.
I am not saying SpamBlocker is bad I just disagree with a bounce message from me.
Then don't use SpamBlocker.
Or rewrite it to drop rather than reject.
However if you drop email based on inclusion in spam block lists then you will see some repurcussions, sooner or later:
1) you
may drop some legitimate email without warning
2) if you ever need to post for help to any anti-spam lists you won't get much until you become RFC-compliant.
3) you
will continue to receive email from the few spammers who would otherwise drop you once they get a certain number of bounces (some spammers do drop; most don't).
That is as bad as people who leave up vacation messages and are flooded with mail.
I have no idea what you mean by this either.
As as far as the RFC's are concerned we don't allow domain literals
Actually a good many of us do, especially for postmaster accounts.
We both know you can't follow the RFC's 100% right now till new ones are released to deal with the spam epidemic.
Do what you want.
Something tells me you will.
Something tells me you will continue to tell people who don't understand the ramifications of doing it your way, to do it your way, because you think it's the best way, and the fact that the concensus of the internet is that you're wrong just doesn't matter to you.
That's fine. Drop anything you want. Tell anyone else to drop anything you want.
Jeff
.