The problem with email path verification is how to start it up. I
suggest the following.
First there is the buildup stage. All mails arriving whose path is not
verified are marked as unauthorised to the recipient and a copy of the
mail is sent back to the sender and the senders postmaster to inform
them that their address has been used in an unverified way. In that way
the sender becomes informed if their address is being misused or that
their servers lack mail path verification. Together with the returned
email is sent information on how to find information to arrange email
path verification in DNS and sendmail (and other MTA's). The return
email also contains information about from which date unverified emails
are going to be rejected.
This buildup stage runs for some months (a predefined period) until all
Internet has been aware of the problem and the solution and reasonable
time has been offered for organizations to implement solutions. After
the buildup stage comes a deadline where all unverified emails are rejected.
As far as I can see the deployment of this solution can be managed by
the Internet society. If this proves impossible I say we must turn to
Koffi Annan, George Bush, Göran Persson or someone else within politics.
David
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg