Tony Finch wrote:
ideally, return-paths would be authenticated (in the sense
that the sender needs to be able to demonstrate he has the
right to use that return-path), and MTAs wouldn't bounce
messages that failed authentication.
This is the fallacy of universal deployment: you can't assume
that everyone will upgrade their systems to conform to best
current practice, so you can't rely on BCP to eliminate
backscatter.
There's no fallacy and no FUSSP if you can get the spammers
to think that it's not in their best interest to forge any
authenticated return-paths. It's a self-fulfilling prophecy
for the "collateral spam" part of the problem. Without it
the best 3834 application would be "shoot [Auto] on sight."
Bye, Frank