David Woodhouse wrote:
The disadvantage of using the RFC2821 reverse-path is that it's not
always displayed to the _recipient_ by their MUA. But then the Sender:
and Resent-From: addresses are often not displayed _either_ -- I don't
think that's too much of a problem. It still allows automatic rejection
by the MTA; and in fact it makes it _easier_.
While there are advantages to having some form of encrypton in RFC2821
return path checking, I'd hate to see that as the only thing this group
focuses on, just because it is perceived to be easier. All it buys is
some form of bounce address verification, which could have nothing to do
with the author of a message, a place where I believe crypto has very
disctinct advantages over channel based IP authentication and/or
authorization.
We take in many millions of messages a day, but I still don't see
automatic rejection of mail at the MTA RFC2821 level to be a very
significant win. Other factors, besides an address where bounces should
be sent, will factor in scoring the message, so we need to take it in
anyway.
David