From: Charles M. <CMarcus@Media-Brokers.com> - 2008-06-13 17:00:45
|
On 6/13/2008, GrayHat (gr...@gm...) wrote: > Maybe I was unclear; I'll try to explain it better; let's say we have > ASSP sitting somewhere and acting as an MX (MTA); Well, it is NOT an MTA... it is a PROXY... but yeah, I am with you so far... > our ASSP receives an SMTP connection from an external MUA, ? it generally only accepts connections from other MTAs, not MUAs... at least that is the only way I have ever used it... > the sender starts the session then sends in an "RCPT TO" command; at > this point ASSP sends a "VRFY" command to the backend mail server to > check it the entered recipient address is valid, and, depending on > the response ASSP accepts or reject the recipient (as it happens now > if you enable the LDAP validation); on the other hand, if an outside > MTA connects to ASSP and sends in a VRFY command, ASSP will disallow > it (from the external) and emit an error > > more clear now ? No... I WANT ASSP to only accept mail from other MTAs for valid recipients... thats the whole point of recipient validation. Let *me* be clear... ASSP should almost *always* (there are some very specific and rare circumstances where this may not be the case) perform recipient validation for *all* domains - and *only* domains - that it is authoritative for. -- Best regards, Charles |