On Tue, 5 Sep 2006, John Levine wrote:
Like it was mentioned, I would remind that BATV is a modification of
SES which came from SPF community.
Actually, it's the other way around.
You know I've been around during that time too - you better have very
good evidence before you make statement like above.
Sorry, pissing contests are off-topic for this list.
I was not getting into one. My point is that all public evidence
clearly indicates that SES predates BATV by about a year. And I
was very surprised that you said you did it based on something
else - that is directly opposite to what you said before. But
if you don't want to tell us what it is, that's fine, I'll live
this topic along if it causes you concerns about "pissing contests".
SES and BATV have very different goals.BATV protects against bounce
forgery blowback. SES is, as best I understand it, includes a signed
checksum of the message intended to let recipients check that the
message was really sent by the putative sender, and some sort of
callback to keep people from delivering the same message many times.
As I'm not SES designer, I can not for sure speak about their goals
when it was being developed. My understanding however is that SES
had the same overall goals of stopping blowback and forgery of
envelope MAIL FROM email data.
Developers at some point decided to extend that to include forgery
(or non-repudiation maybe?) of email as a whole (i.e. DATA) - I don't
think this was ever fully implemented through. Whoever is using it
(as modification of SRS or directly) are all doing it exactly same
way as you do with BATV as way to verify MAIL FROM.
In basic terms leaving (leaving difference in record syntax and format)
BATV is basically a subset of SES where SES allows to do a lot more
functionality that BATV either does not specify or does not allow.
My interest is still to bring it to see standard format for MAIL FROM
signature-like data (including also VERP and SRS) but I'm not going to
support BATV format over SES or something else (even though you did add
second separator symbol making even closer to SES syntax) unless SES
developers and others agree with it and my guess is some neutral
yet-unused name will have to be for generalized format.
All that BATV does is to let you check incoming bounces to see if they
were provoked by something you sent. It's a much smaller goal, but
much more achievable.
SES works same way plus allows 3rd party to check if you'd accept the
bounce by making DNS query to special RBL-like server (think of it as
SMTP call-back to verify BATV bounce address is correct; but dns is a
lot simpler effort to do it).
Asrg mailing list