ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] 0. General - anti-harvesting (was Inquiry about CallerID Verification)

2003-12-01 03:15:28
from [Peter J. Holzer] [Permanent Link] 
On 2003-12-01 09:50:53 +0000, Bart Schaefer wrote:

On Dec 1,  4:35am, Eric S. Raymond wrote:
}
} Bart Schaefer <schaefer(_at_)brasslantern(_dot_)com>:
} > Suppose the (not uncommon case) of a sending MTA that is not the
} > same host as the MX for the sender's domain. Call these MTA1 and
} > MX1. A message is transmitted via MTA1 to the recipient's MX, which
} > I'll call MX2. If the sender mailbox is valid at MTA1 -- that is,
} > MTA1 can successfully deliver a DSN to that mailbox in the event of
} > a 5xx response from MX2 -- where is the requirement that the mailbox
} > also be valid when presented as a RCPT TO: at MX1?
}
} RFC2821 says the Return-Path has to be the same address that was
} presented to the MAIL command.

So what?  MX1 isn't any party to the protocol exchange between MTA1 and
MX2.  The reverse-path is completely valid as far as MTA1 can tell; if
MX2 responds 5xx, MTA1 will do the right thing.


Yes, but if MX2 accepts the message (e.g., to pass it on to MX3) and
then discovers a problem, it won't be able to send a DSN. Since MTA1
cannot know whether MX2 is the final delivery agent or just an
intermediate relay it has to send a globally useful reverse path, not one
which is useful only at MTA1.

The open question is: Do the requirements, which the RFC puts on the use
of the reverse path (DSN's MUST be sent to the reverse path, the
reverse-path MUST be copied to the Return-Path header on final delivery,
etc.) also constitute a requirement on the sender to provide a valid
return-path? Or is it allowed to insert an invalid path if it isn't
interested in DSNs, Replies, etc.? I can see no clear requirement in RFC
2821 that the mailbox of the sender MUST be globally reachable and
accept mails. The expectation is clearly there (otherwise the
requirement that DSNs are sent there, or the care in preserving it at
final delivery wouldn't make much sense), but the explicit requirement
is IMHO missing.

        hp

-- 
   _  | Peter J. Holzer    | In this vale
|_|_) | Sysadmin WSR       | Of toil and sin
| |   | hjp(_at_)hjp(_dot_)at         | Your head grows bald
__/   | http://www.hjp.at/ | But not your chin.           -- Burma Shave

Attachment: pgpuLho9byFn1.pgp
Description: PGP signature

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] 0. General - anti-harvesting (was Inquiry about CallerID Verification), Hector Santos
Next by Date:  Re: [Asrg] 0. General - anti-harvesting (was Inquiry about CallerID Verification), Hector Santos
Previous by Thread:  Re: [Asrg] 0. General - anti-harvesting (was Inquiry about CallerID Verification), Hector Santos
Next by Thread:  Re: [Asrg] 0. General - anti-harvesting (was Inquiry about CallerID Verification), Hector Santos
Indexes:  [Date] [Thread] [Top] [All Lists]