So an admin sets their email to "Fred@hotmail.com" and it passes, because hotmail has a valid email server and its "syntax" is correct?

It can be validated as human by CAPTCHA:

https://en.wikipedia.org/wiki/CAPTCHA

The current wording is wasting everyone's time, and seriously, does it need a change in policy if it's implemented as is? How does it change a single thing?


-------- Original Message --------
Subject: Re: [anti-abuse-wg] Decision on Proposal 2017-02 & Next Steps
From: Janos Zsako <zsako@iszt.hu>
Date: Wed, March 14, 2018 11:29 pm
To: Name <phishing@storey.xxx>, anti-abuse-wg@ripe.net

Dear Anonymous "Name",

> How do you check the email address is valid if you don't email it?
>
> https://www.ripe.net/participate/policies/proposals/2017-02

I think the NCC will be able to tell more details when the plans are ready.

For now, the relevant part is probably:

> The RIPE NCC will validate the technical parameters of an “abuse-mailbox:” attribute, such as syntax, domain and mail server configuration, to determine if it is correctly configured to receive messages.

One can determine with a high degree of confidence whether mail sent to a
given address is accepted for delivery by the mail server specified as MX
in the DNS for the given e-mail address. To me it is a good start and
much more than not checking anything.

One can probably not test whether the accepted mail is indeed delivered
and even less whether is is eventually read by a human. The latter cannot
be checked even if one does send the e-mail and even get a reply (generally
speaking one cannot be certain the response was sent by a human).

Therefore, I would leave the details to the NCC for now.

Best regards,
Janos