spf-discuss

RE: Forwarding/Redirecting: The problem as I see it....

2005-07-07 15:53:18
From: Stuart D. Gathman
Sent: Thursday, July 07, 2005 5:27 PM


On Thu, 7 Jul 2005, Seth Goodman wrote:

A harvested reverse-path is only marginally useful for current bulk
spamming practice.  However, it is extremely useful for someone who
wants to impersonate me.  That is why BATV and (original) SES are
great for blocking forged mail, but no good for authentication.

A harvested SES return path protects a body hash that will not match any

That's why I said "original" SES.  The one with validation limits, but
no body hash.  I know about the new body hash version.  It is a
good idea, but too complex for me at present.  I don't want to deal with
getting correct body hashes just yet.

Thanks for clarifying.  You are right, of course.  The original SES, without
body hash, is good for rejecting bounces for mail you never sent but not
useful for authentication.  The body hash does add some complication, as you
point out, but it gives you a higher level of authentication.  It also makes
it virtually impossible to forge someone's identity by harvesting a signed
message.  This will be necessary if a scheme like SES ever becomes widely
used.

As for authentication, what we can determine with the newer body hash
version is whether the message came from the domain (or MTA, depending on
signing policy) claiming to have originally sent it.  The caveat is that it
will always be up to the operators of a shared MTA to prevent cross-customer
forgeries.

--

Seth Goodman
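
The difference discussed in this message, as an added example that is not part of the original post and is not the SES or BATV wire format: a simplified HMAC-signed reverse-path with a validation limit, with and without a body hash. The `sig=` layout, the key, the 7-day limit, the addresses and the message bodies are all constructed, and verification is assumed to happen where the signing key is held.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # per-domain signing secret (constructed)
MAX_AGE_DAYS = 7               # validation limit (assumed value)

def _mac(*fields):
    # Length-prefix every field so field boundaries cannot be shifted.
    msg = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hmac.new(KEY, msg, hashlib.sha256).hexdigest()[:16]

def sign(local, domain, day, body=None):
    """Signed reverse-path; body=None gives the variant without a body hash."""
    kind = "n" if body is None else "h"
    fields = [kind.encode(), local.encode(), domain.encode(), str(day).encode()]
    if body is not None:
        fields.append(hashlib.sha256(body).digest())
    return f"sig={kind}{day}.{_mac(*fields)}={local}@{domain}"

def verify(rpath, today, body=None):
    """Check signature, age limit and, for kind 'h', the body hash."""
    try:
        tag, val, addr = rpath.split("=", 2)
        local, domain = addr.rsplit("@", 1)
        stamp, mac = val.split(".", 1)
        kind, day = stamp[0], stamp[1:]
        age = today - int(day)
    except (ValueError, IndexError):
        return False
    if tag != "sig" or kind not in ("h", "n") or not 0 <= age <= MAX_AGE_DAYS:
        return False
    fields = [kind.encode(), local.encode(), domain.encode(), day.encode()]
    if kind == "h":
        if body is None:
            return False
        fields.append(hashlib.sha256(body).digest())
    return hmac.compare_digest(mac.encode(), _mac(*fields).encode())

def demo():
    day = 12970  # constructed day number
    sent = b"Meeting moved to 3pm.\r\n"       # constructed message body
    other = b"A different message body.\r\n"  # constructed, not what was signed
    plain = sign("user", "example.org", day)
    hashed = sign("user", "example.org", day, sent)
    return {
        "plain_other_body": verify(plain, day + 1, other),    # signature alone still passes
        "hashed_same_body": verify(hashed, day + 1, sent),
        "hashed_other_body": verify(hashed, day + 1, other),  # body hash mismatch
        "plain_expired": verify(plain, day + 30, other),
    }
```

Without the body hash, the signed path only proves that the domain issued it recently, so it is enough to reject bounces for mail never sent; with the hash, the same path validates only alongside the body it was issued for.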

