aamelnikov
commented
4 months ago Rough consensus on the mailing list to make no change and discuss this instead in A/S.
Open aamelnikov opened 7 months ago
aamelnikov
commented
4 months ago Rough consensus on the mailing list to make no change and discuss this instead in A/S.
Alexey Melnikov wrote:
On the public Internet, the contents of mailing lists have become popular as an address information source for so-called "spammers." The use of EXPN to "harvest" addresses has increased as list administrators have installed protections against inappropriate uses of the lists themselves. However, VRFY and EXPN are still useful for authenticated users and within an administrative domain. For example, VRFY and EXPN are useful for performing internal audits of how email gets routed to check and to make sure no one is automatically forwarding sensitive mail outside the organization. Sites implementing SMTP authentication may choose to make VRFY and
I think it would be useful to add an Informative reference to SMTP AUTH RFC here, "SMTP authentication (such as RFC 4954)"