--On 1 July 2009 17:28:16 +0200 Alessandro Vesely <vesely(_at_)tana(_dot_)it>
Thus, it turns out that if an MTA does mixed MSA and old fashioned port
25 relaying for its clients, its IP cannot convey accountability.
The fact that it cannot (may not?) convey accountability does not mean
that it cannot or should not be held accountable for what it emits.
I understand the 2nd "it" as referring to the MTA, not the IP address. It
doesn't make much difference, since both of them are objects. AFAICS, the
point is to hold _someone_ accountable, so that it might be theoretically
possible to claim damage, in case. It is like an insurance, and
postmasters tend to stipulate it with IP numbers rather than DNS names.
Because there is currently usually no alternative. You can only know the IP
address of the sending MTA. It's hard to connect that to a person, or
organisation, so the usual thing is to check against a reputation service.
With some reason to trust that the domain of the return-path, or in some
message header, is not forged, you can go a lot further. You have the email
address of the postmaster, and quite likely of the sender. If you don't
have the email address of the sender, then that's an issue that needs
sorting out within the domain.
"Accountability" can be applied in many ways, including:
1) assignment of reputation - in future DNSBLs will be supplemented or even
replaced by domain reputation services.
2) freely bouncing undeliverable messages, like we used to do.
3) complaining to the sender, their company, or their postmaster.
4) legal sanctions, up to and including prison sentences.
Asrg mailing list
IT Services, University of Sussex
For new support requests, see http://www.sussex.ac.uk/its/help/