DC> What this therefore asserts is that the domain name in a From field
DC> is always tied to a fixed set of originating MTAs.
DC> The presumption is incorrect.
AD> I agree. But I still like RMX.
AD> What's important for me is that RMX allows the receiving MTA to
AD> trivially discover that the originating domain has consented to send
AD> mail from that MTA.
JCL> That doesn't work for things like yahoo, mail.com, etc who offer
JCL> POP/IMAP accounts to arbitrary users without an outbound smarthost.
JCL> It specifically doesn't work for me as I aggregate mail from ~8
JCL> addresses here at home, and have my MUA configured to automatically
JCL> generate the correct From: header depending on what folder I'm
JCL> sending mail from. Of the eight domains involved, I control only
JCL> two...
Dear J.C.,
I'm in exactly the same boat here--multiple accounts on different machines
without outbound smarthosts.
This is not an insurmountable problem, though. When the administrator of
a system decides to implement RMX records, he will need to provide
SMTP-AUTH or VPN or even a port-25 ssh tunnel. Many (most?) sites already
do something like this, but it's only fair to factor it into the work
involved in implementing the RMX approach. I have added a note to that
effect at the bottom of the page:
http://www.mikerubel.org/computers/rmx_records/#notes_limitrelays
Even with this cost factored in, however, I still believe that the RMX
solution is far better (smaller effort required to implement and fewer
things broken) than any other solution I have seen to the email forgery
problem.
Best regards,
Mike
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg