| I think it is likely that there will need to be completely separate
| proposals for:
|
| 1) The "is this IP address authorized to be an MTA?" question.
| (e.g., MTA-Mark, SS, DUL lists, etc.)
|
| 2) The "is this IP address authorized to use a given domain name in
| the MAIL FROM (and HELO) address?" (e.g. RMX, SPF, DMP, etc.)
|
| 3) The "is this From: header from who it claims to be from?" (GPG,
| S/MIME, DomainKeys, Caller-ID, etc.)
I agree that these are three related but distinct areas; each deserves
consideration.
You gave consideration to 1) and 2) as they're directly related to the work.
I wanted to know if the third area referred to deserves consideration from
this group. Or if there are others.
I don't remember if it was decided to consider 3) because of the problem of
using bandwidth to receive the e-mail in the first place, in order to analyze
it. I would prefer not to consider it as all of the approaches to verify the
headers requires us to receive the message in its entirety, saving no
bandwidth at all.
--
PGP key (0x0AFA039E):
<http://www.pan-am.ca/consulting(_at_)pan-am(_dot_)ca(_dot_)asc>
What's a PGP Key? See <http://www.pan-am.ca/free.html>
GOD BLESS AMER, er, THE INTERNET. <http://vmyths.com/rant.cfm?id=401&page=4>