1. 2821 HELO/EHLO domain
2. 2821 MAIL FROM domain
3. 2822 From: domain
4. MTA MARK-type in-addr.arpa domain
I see verification of all of the above as useful. I think there's a
rough consensus that 1,2, and 4 are useful, so I'll explain why I like 3
as well.
Domains that are popular phishing targets could be able to much more
effectively protect themselves with 3. Here's how:
Domains like verisign.com, paypal.com or bigbank.dom would have LMAP
entries specifically saying it was NOT ok for them to be in the header
From: where envelope FROM to != header From:. Typical domains would not
have LMAP entries like this because it would typically prevent their
users from having their mailing list postings accepted by recipients,
effectively meaning they couldn't post to mailing lists with their work
domains, which their employers would probably view as a good thing anyway.
This would allow confident rejection of email with envelope
FROM:evilDomainNo4345Allowing0/0.dom but header From:service(_at_)paypal(_dot_)dom(_dot_)
In the real world, it may take a while for evilDomainNo4345 to get
blacklisted, but in the meantime, such an LMAP record would allow such
email to be confidently rejected (ahem - identified for local policy
application).
I think it's quite useful for LMAP contenders to adopt such a scheme,
and hope they do.
Without 3, such email could be (less confidently) rejected as follows:
evilDomainNo4345 would be listed with a reputation service as having too
recently become a source for email to have gained a reputation as a
non-spam source. Such reputation services don't currently exist.
On 3/26/2004 11:16 AM, Marshall Rose sent forth electrons to convey:
in preparation for the next xmpp conference (to be held april 5th at
2100utc at conference room marid(_at_)ietf(_dot_)xmpp(_dot_)org), the proposed
co-chairs
ask the following of all interested parties:
by friday, april 2nd, please send an email to the mailing list
explaining which identity you think the working group should address
along with a short list of bullet points as to the trade-offs
associated with using this identity.
by "identity", we refer to:
2821 HELO/EHLO domain
2821 MAIL FROM
2822 From:
2822 Sender:
at the xmpp conference, we will discuss these issues interactively.
many thanks,
/mtr