ietf-asrg

Re: [Asrg] Domain-Authorized SMTP Mail

2003-03-18 12:33:21
On Tue, 2003-03-18 at 14:07, Valdis(_dot_)Kletnieks(_at_)vt(_dot_)edu wrote:
On Tue, 18 Mar 2003 11:48:17 EST, David Green said:
If the email is From: foo(_at_)bar(_dot_)baz(_dot_)biz(_dot_)buz(_dot_)co(_dot_)uk,
you would query the MT for "bar.baz.biz.buz.co.uk". You would never drop
any parts of the name.

You got it backwards.  If the mail is 'From: valdis(_at_)vt(_dot_)edu', you
need to suck down all 200 or so MT entries in the vt.edu domain and see
if my IP is one of them.

The vt.edu domain certainly only has a few authorized outgoing smtp
relays. I don't think they handle enough mail to justify a server farm
of 200 servers just for their email.

And it's even more borked for mailing lists, because the From: and To:
don't have much to do with what's going on.  The mail server for
couchpotato.net would be looking at this message, and complaining because
the ietf.org mail server isn't an MT for the vt.edu in the From: field.

That's why the asrg(_at_)ietf(_dot_)org address would have to be used for
authorization.

Oh, and this message is coming to you direct, and a cc: to the list - explain
how your scheme handles each of the copies that are arriving.

The copy from you to me would be authorized as coming from you. The copy
from you to the mailing list would be authorized by Majordomo to be
coming from you. When the mailing list resends the message, the message
would be checked by each recipient's MX as coming from
asrg(_at_)ietf(_dot_)org. As you see, the From: starts to have real meaning.

Every MX either sends to a server that trusts it (a relay), or to the
recipient's MX. The only restriction here is that the MX that initiates
the final hop to the recipient's MX must be listed as an MT for the
sender's domain.

OK. So let's say this happens:

joe(_at_)non-spam(_dot_)com sends you mail.  Your server is down.  So he
sends it to mail.mx-are-us.com (your off-site MX service).  mx-are-us
sticks on an Auth-By: header.  Later on, your server comes up.  mx-are-us
sends you the mail.  Now let's say you do the totally legal thing of not
preserving the Auth-By, so you strip it off.

If my MX trusted mail.mx-are-us.com, it would not strip the
Authorized-By header.

The point is you need to tighten up the language about what to do if
accepting relayed mail.  The current language:

   SMTP servers SHOULD remove any Authorized-By SMTP headers of
   incoming mail. They MAY be configurable to preserve Authorized-By
   headers on incoming mail from a set of trusted servers.

is broken.  For it to be workable, you need to make it a 'MUST preserve'
for the case of mail coming from your MX'es.

Your MX's would be trusted servers.

David Green
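
The backup-MX scenario debated in this message, as an added example that is not part of the original post or of the draft under discussion. It shows what happens at the final hop when Authorized-By is always stripped versus preserved for a trusted relay, and that a header from an untrusted peer is still removed. The dict standing in for MT lookups, the IP addresses, `mx.example.org` and the Authorized-By value format are assumptions.

```python
from email.message import EmailMessage
from email.utils import parseaddr

# Constructed data (documentation IP ranges); stands in for DNS MT lookups.
MT_RECORDS = {"non-spam.com": {"192.0.2.10"}}
BACKUP_MX_IP = "198.51.100.25"   # assumed address of mail.mx-are-us.com

def mt_authorized(domain, ip):
    """True if ip is listed as an MT for the sender's domain."""
    return ip in MT_RECORDS.get(domain, set())

def receive(msg, peer_ip, hostname, trusted_relays=frozenset()):
    """Apply the Authorized-By policy at one hop; return (accepted, msg)."""
    domain = parseaddr(msg["From"])[1].rpartition("@")[2].lower()
    if peer_ip in trusted_relays and msg["Authorized-By"]:
        return True, msg              # preserve: a trusted relay vouches for the mail
    del msg["Authorized-By"]          # strip: never trust an unknown peer's header
    if not mt_authorized(domain, peer_ip):
        return False, msg
    msg["Authorized-By"] = f"{hostname}; domain={domain}"  # assumed value format
    return True, msg

def make_msg():
    m = EmailMessage()
    m["From"] = "Joe <joe@non-spam.com>"
    m["To"] = "user@example.org"
    m.set_content("hello")
    return m

def backup_mx_scenario(final_trusts_backup):
    """joe -> mail.mx-are-us.com -> final server, as in the thread."""
    ok, msg = receive(make_msg(), "192.0.2.10", "mail.mx-are-us.com")
    assert ok                         # first hop comes from a listed MT
    trusted = {BACKUP_MX_IP} if final_trusts_backup else set()
    ok, _ = receive(msg, BACKUP_MX_IP, "mx.example.org", trusted)
    return ok

def forged_header_scenario():
    """Unlisted host sends mail carrying a self-made Authorized-By header."""
    msg = make_msg()
    msg["Authorized-By"] = "mail.mx-are-us.com; domain=non-spam.com"
    ok, msg = receive(msg, "203.0.113.66", "mx.example.org", {BACKUP_MX_IP})
    return ok, msg["Authorized-By"]

if __name__ == "__main__":
    print(backup_mx_scenario(False), backup_mx_scenario(True),
          forged_header_scenario())
```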
