That's completely, hopelessly impractical if a user is traveling and has no
control over the originating path of their outgoing E-mail.
Examples of such users are those using airport waiting lounge
Internet access kiosks, Internet cafes ...
It probably would be a good idea to clarify the distinction between
what's in the From: line and the identity of the sender.
If I connect to my MSA from a known IP address inside my network, or I
use SMTP AUTH to provide a username and a password, the MSA knows who
I am based on the IP address or the user/pass pair. This works fine
for people who travel with a computer so the computer is set up with
the appropriate addresses and passwords configured it. On the other
hand, if I walk up to a kiosk and send mail through a funky client on
the kiosk, nobody has the faintest idea who I am.
In either case, I can set any From: address I want, and nothing in
this draft changes that. The difference is who vouches for it. In
the former case, the reputation with the mail is that of the MSA,
regardless of where I am or who I say I am. In the latter case, it's
the reputation of the kiosk which, depending on how good their rate
limits and outgoing spam filters are, may be good or may be bad.
I could imagine trying to invent yet another scheme to send
authenticated mail from random clients, but I don't see any point.
It's no big deal to slap a web mail front end onto a mail system for
the benefit of roaming users without their own computers, and I don't
see how we could do any better than that.
R's,
John
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg