Received: from localhost by CS.UTK.EDU with SMTP (cf v2.9s-UTK)
	id XAA23298; Tue, 5 Dec 1995 23:34:20 -0500
Received: by cs.cs.utk.edu (bulk_mailer v1.3); Tue, 5 Dec 1995 23:33:37 -0500
Received: from jean-baptiste.internetMCI.ietf.org by CS.UTK.EDU with ESMTP (cf v2.9s-UTK)
	id XAA23256; Tue, 5 Dec 1995 23:33:35 -0500
Received: from CS.Berkeley.EDU (eric@localhost [127.0.0.1]) by jean-baptiste.internetMCI.ietf.org (8.7.Beta.10/8.7.Beta.9) with ESMTP id RAA00679; Tue, 5 Dec 1995 17:21:09 -0600 (CST)
Message-Id: <199512052321.RAA00679@jean-baptiste.internetMCI.ietf.org>
To: Harald.T.Alvestrand@uninett.no
From: Eric Allman <eric@sendmail.org>
cc: drums@cs.utk.edu
Subject: Re: My opinion on VRFY 
In-reply-to: Mail from Harald.T.Alvestrand@uninett.no 
	dated Tue, 05 Dec 1995 17:11:04 CST
	<199512052311.RAA00176@dale.uninett.no> 
Date: Tue, 05 Dec 1995 17:21:08 -0600
Sender: eric@CS.Berkeley.EDU

This may be harder than it at first appears.  For example, if I forward
my mail to "eric@some.other.site" you probably want to give a 251.
But if I forward my mail to "|procmail" you probably want to give a 250.
Also, VRFY should be fast, and there is nothing that prevents people
from forwarding their mail to 10,000 users (I really have seen people
do mailing lists this way).

The way sendmail handles this right now is to treat VRFY as a check
to see if the address is valid.  If it is an alias, it checks to see
if the alias exists (but does not attempt to expand the contents of
that alias).  If it is a real user, it looks that user up in the
passwd file (but does not open or expand .forward files).  In other
words, it does a fairly reasonable plausibility check, but does not
make absolutely best effort, which can be costly and time consuming.

I'm going to make the possibly contentious suggestion that what sendmail
does now is correct and that specifications of VRFY that require it to
take potentially unbounded time would be in error.

eric


Re:
: From:  Harald.T.Alvestrand@uninett.no
: Subject:  My opinion on VRFY
: Date:  Tue, 05 Dec 1995 17:11:04 -0600

: This is written during the WG discussions in Dallas....
: My opinion of what we should say about VRFY is:
: 
: - We should require VRFY.
: - VRFY should be better than it is about local/nonlocal addresses
: 
: The relevant sections are 3.5 and 4.1.1.6
: 
: Today, lots of systems return:
: 250 <real address> - no information available on whether it was
:    checked. 
: 
: I suggest the following language in 3.5.2 or its successors:
: 
: The following codes SHOULD be returned on VRFY:
: 
: 250 Local user <real address> (information in front of the address
:   - user was local, and mail will be delivered. Making some change
:   to the supplied address is critical in order to distinguish from
:   older, non-conforming systems.
: 251 Will forward to <real address>
: 252 <real address> - user is not local to this system. This SHOULD be
:    returned whenever the mail will be relayed to another system, even if
:    that is part of the same machine (like the CMU mailers).
: 550 Cannot VRFY (perhaps because of access control)
: 551 User not local, and I refuse to relay to <real address>
: 553 Ambiguous
: 
: (currently 252 is not listed as a result in 4.3 - that's probably a
: bug)
: 
:        Harald