David Maxwell <david(_at_)crlf(_dot_)net> wrote:
You say 'forges', but isn't this exactly what any MUA does? I can
configure 'mutt' to send email from you - this doesn't mean that
legitimate mail I send from 'mutt' is also by definition spam.
It doesn't mean it's spam, but if there's no way to tell it apart from
spam, then it may as well be spam.
This is a basic principle of physics: If you can't tell the
difference A and B, then they're the same.
I can't tell the difference between spammers forging "from"
addresses, and roaming users forging "from" addresses. So to be safe,
I treat them all as spam.
When people I respect roam, they use well-established network
practices to send non-forged messages. It's simple netiquette.
It's true that there's no technical way for the *recipient* to verify
that you authorized a message. However, I'd say your logic doesn't hold
- by the line of reasoning that says any non-source-verifiable email is
technically equivalent to spam, most of the messages on this list are
also technically equivalent to spam. This does not make them spam.
It makes them as problematic to the receiver as spam.
They're not as bad as spam. Even without SMTP-layer forwarder
verification, it's fairly trivial for a content filter to verify that
messages on the "asrg(_at_)ietf(_dot_)org" list come from an MTA at "ietf.org".
Asrg mailing list