On Sun, Mar 21, 2004 at 05:13:47AM -0800, Hallam-Baker, Phillip wrote:
things as bad as:
HELO mailhost.domain.tld
MAIL FROM: <user(_at_)domain(_dot_)tld>
RCPT TO: <user(_at_)domain(_dot_)tld>
DATA
...
Reply-to: user(_at_)domain(_dot_)tld
Errors-to: user(_at_)domain(_dot_)tld
From: user(_at_)domain(_dot_)tld
To: user(_at_)domain(_dot_)tld
Subject: Otheruser(_at_)otherdomain has send you an e-card
...
And we should prevent giving folk like this some pain because???
Can you distinguish between that evil postcard site based on RFC2821
identity, and a mobile user attempting to use an address other than the
one his ISP has assigned him (say, for example, his work address)?
Assume for the sake of argument that the ISP blocks outbound port 25,
465 and 587, so the entity cannot connect directly to their office MTA.
Or, shall we force everyone who travels on business to expose their
personal email accounts when conducting business while on the road?
--
Mark C. Langston Sr. Unix SysAdmin
mark(_at_)bitshift(_dot_)org
mark(_at_)seti(_dot_)org
Systems & Network Admin SETI Institute
http://bitshift.org http://www.seti.org