On Mon, 2004-12-06 at 19:13 -0500, Alan DeKok wrote:
Dean Anderson <dean(_at_)av8(_dot_)com> wrote:
But to be pedantic, that's the whole *point* of MAIL FROM
checking: to know who is using your domain name in MAIL FROM, and to
control their use of that name.
Yes, I know that is "the point". However, this isn't possible.
In theory or in practice? If it's possible in theory, it's possible
in practice. The only question then is whether the cost is acceptable.
Anything's possible in theory, yes. In practice it requires a lot of the
rest of the world co-operating, but yeah, it _could_ happen. Unless SES
and DK and IIM and all the rest are shown not to be workable, I don't
think anyone could claim that the cost is acceptable.
So... am I to be permitted to control the use of my own domain name?
If not, why not? If so, then I'm free to implement SPF, or anything
other scheme I like.
In theory of course you can control the use of your own domain name.
In theory you can also control the use of your own IP addresses. You can
suddenly declare that the core routers may no longer use it on the
packets they forward; that they must use their _own_ IP addresses and
all else is 'forgery'. Good luck in getting them all to implement NAT
for you. :)
There is a difference between theory and practice.