On Mon, 28 Feb 2005, Keith Moore wrote:
in the envelope I recommend that MAIL FROM:<> be used. a lot of
MTAs reject it these days, but they are clearly broken.
I agree that it is wrong to reject null return paths altogether. However
your suggestion is incompatible with backscatter detection systems (such
as BATV or Signed Envelope Sender) which assume that null return paths are
only used for bounce messages. These systems insert a cookie in the return
path of outgoing messages and require that bounce messages are sent to an
address containing a valid cookie.
This idea of obfuscating the message header does not provide proper
anonymity, since the trace fields will still contain the IP address of the
sender which is enough to identify them. Why isn't pseudonimity enough?
Why not propose a specification for properly strong anonymity based on
mixmaster or some other multi-stage cryptographic system?
Tony.
--
f.a.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
NORTH UTSIRE SOUTH UTSIRE: CYCLONIC BECOMING NORTH OR NORTHEAST 5 OR 6. RAIN
OR SLEET THEN WINTRY SHOWERS. MODERATE OR GOOD.