ietf-asrg
[Top] [All Lists]

RE: [Asrg] TitanKey and "white lies"... (Faking SMTP hard errors "improves" C/R utility?)

2003-05-29 19:31:14
From: "Eric D. Williams" <eric(_at_)infobro(_dot_)com>

...
IMHO the only relevant header information to determine 'sender' forgery is the 
Return-Path: field reported by the receiving server.  In this case I am 
referring to the receiver that is presented at the recipient border that 
interacts with the 'spamming' system or (if headers are not munged and are 
legitimately preserved as recommended RFC2822 and RFC822) by the terminating 
end of the store-and-forward message transfer.

I'm having trouble matching those words with the middle of page 50
and continuing through page 51, section 4.4 of RFC 2821.  RFC 2821
seems to me to say that the Return-Path header is ought to be a copy
of the envelop Mail_From value.  For example, 'the delivery SMTP server
makes the "final delivery"' doesn't sound like "the receiver that is
presented at the recipient border that interacts with the 'spamming' system."

Notice the text at the top of page 51:

   any further (forwarding, gateway, or relay) systems MAY remove the
   return path and rebuild the MAIL command as needed to ensure that
   exactly one such line appears in a delivered message.

In other words, I not happy with such talk about the Return-Path header.
As far as I can see, what matters is the value that is supposed to be
copied from the envelope Mail_From command to the Return-Path line.


Vernon Schryver    vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>