So I am assuming that you want the "From" header to be checked at the
MTA level during the DATA command. Doesn't MSFT's CID proposal check
headers at MUA level? They don't seen to have a problem with
MUA changes but then again they develop 70% of MUAs in the world.
Convince them to participate in the group, and that they would change to
doing it the way you suggest and you might have a point.
But even so, any change to the client population takes about four years to
be deployed. I use a version of outlook that shipped in 1999.
changes to clients take much much longer to achieve than changes to
servers and services.
I am not against checking MAIL FROM, but checking RFC2822
headers brings
up a host of other issues which are difficult to deal with.
So tell people it is hard, give them a list of the pitfalls
to consider. They are most likely to either decide to do it
another way or to do it right.
Key word "policy description". This group is concerned with a
very small
goal - authorization records for MTAs or in your own words
"listing out
the edge mail servers". We are not making generic policy exchange
mechanisms - if you want to make those, then we need to restate the
problem and evaluate it from that angle. Otherwise, you will end up
overloading MARID for the purposes it was not intended to be.
The charter does not limit the scope to envelope from or to data
from. It seems strange to argue that therefore we have to pick one
and only one.
I am not sure I get this. If we verify MAIL FROM, then the greeting
cards companies are changing anyway?
The greeting card companies will not be sending messages that falsely
claim to come from another party as they do today.
Phill