Michael Thomas wrote:
If the mail is sent by dick(_at_)earthlink(_dot_)net (or a virus on their
machine), with an envelope from address of jane(_at_)earthlink(_dot_)net out
through the DKIM stamping earthlink smarthost and you generate a
bounce, that bounce will go to Jane.
Sure, but at least it's reduced to an intra-domain problem which earthlink
has the capacity to remedy.
I probably should have commented on this in my first reply to Steve:
Originating sites are not currently expected to validate return addresses.
The scheme I've suggested means that the return address is, in fact, validated.
How can a potential bounce generator know whether this particular message has
a validated return address? Note that the mere presence of a DKIM signature
does not guarantee this particular validation issue.
That's why the SSP-type record might be necessary.
NOTE WELL: This list operates according to