On 5/17/2014 6:14 AM, Charles Marcus wrote: ...
The reality is that the RFCs mandate that the null sender envelope address is one that must be accepted, as there are many things smtp that depend on it. ...
Spammers tried to take advantage of null sender handling en masse many years ago and had little success with it. Receivers rejected the messages by standard anti-spam mechanisms such as non existent PTR, dnsbls, content filters, etc. And in fact some spammers still try to use null sender today. Recent examples from Chinese IP space sending spam to messages IDs scraped from mailing list archives, clearly a spam bot infected PC:
Apr 29 22:32:52 greer postfix/smtpd[4968]: NOQUEUE: reject: RCPT from unknown[14.148.130.120]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [14.148.130.120]; from=<> to=<4D18F665.6090709@hardwarefreak.com> proto=ESMTP helo=<a01> Apr 29 22:32:52 greer postfix/smtpd[4967]: NOQUEUE: reject: RCPT from unknown[14.148.130.120]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [14.148.130.120]; from=<> to=<4D18F04D.3040604@hardwarefreak.com> proto=ESMTP helo=<a01>
Check your mail logs and you'll likely find such rejections of null sender as well.
Certainly one should never reject mail based on the presence of the null sender address, but by no means should anyone have a blanket accept policy based on the mere existence of the null sender address, regardless of what the relevant SMTP RFCs might say on the matter. That would simply result in more spam in inboxen and/or more load on one's content filters.
Cheers,
Stan