MR> I have written a new article to help explain RMX records, and would
MR> sincerely appreciate any feedback or comments you might have on it. The
MR> article here can be found here:
DC> The premise of the scheme is in the following text:
Detecting a forgery begins by realizing that email systems never
legitimately use third-party relays anymore.
Dave,
Thank you very much for writing!
I must respectfully disagree; this is emphatically not the premise of the
scheme.
The sentence you cite comes from the section on how present-day forgery
detection works. If you read on, about two paragraphs below, I write:
The problem with the forgery check just described is that while
<em>most</em> sites obey this convention, there is no shortage of
exceptions and marginal cases. One issue is that small sites
sometimes use their hosting company's mail server, and the
business relationship might not be obvious from whois records.
Also, some organizations do not (yet) provide remote
authenticated SMTP services for traveling members, relying
instead on laptops which send their messages directly.
However, there is a way to make the forgery check robust, which
we shall now demonstrate by way of example.
It is not until after this point that RMX records are introduced.
In order to make this point clearer, I have added the text:
(certain exceptions to this rule, discussed below, are the reason
forgery detection is currently an inexact science)
immediately after the phrase you cite.
Does that make it clearer?
Thanks again--
Respectfully yours,
Mike
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg