MSRFCs versus RFCs?

Jim Hickstein jxh at
Tue Dec 3 04:09:07 UTC 2002

RFC-2505 (BCP-30) talks about which return codes to use, among other 
things.  Not a direct hit, perhaps.  RFC-1891 (DSNs) may also have 

You want an RFC-lawyer.  Given another hour or so, I could probably come up 
with the necessary citation, either in the RFCs themselves or in other 
suitably authoritative-sounding sources.  But my pro-bono time has run out 
for today. :-)

Or you could just ask Eric.

> ahead) If I send an email to JoeSmo at and spoof the
> Mail From as Victim at to an Exchange Server
> setup in this manor, the Exchange server will bounce an email
> to the Victim at While this is all fine and
> dandy, if a person(s) decides to use this as a mailbomb method
> and exploit this, its rather simple to do. So, in short I am
> aguing that
> 1> Mail destine for a domain not handled should be 550 Denied.
> 2> None Delivery Reports should only be sent for Domains Handled.
> 3> That a Firewall should not be doing Domain checking for SMTP
> What I am at a loss for is RFCs that explicitly state this, that
> is NDR for other domains, and accepting for other domains.

More information about the NANOG mailing list