On Thu, Apr 15, 2004 at 07:26:29AM -0700, Hallam-Baker, Phillip wrote:
I think the continued discussion on "RFC
2822" relationship
as far as the SMTP transport model is concerned is going off
on the wrong direction for a solution.
Noted, but many people disagree.
Isn't it totally irrelevant for this group whether RFC2822 or RFC2821
FROM/SENDER/... is validated/authorized/...
This group is named
MARID - MTA Authorization Records in DNS
so the goal of this group is to provide a mechanism to validate
something - see below - via DNS.
So the problem to solve is:
- will we be doing "domain" (SPF, RMX, MSCID, ...)
- will we be doing addresses (see above + PGP, LDAP, ...)
- will we be doing MTAs (TLS style comes to mind, ...)
- will we be doing IPs (MTAMARK, revDNS PTR matches forward, DNSBLs, ...)
- ... (HELO checking may be another single point)
and how to store that information in DNS to make it possible to authorize
that something.
The solution to above points doesn't have to be mutually exclusive, if
we can come up with a method that allows authorizing more than one of
them.
Whether MTAs during the SMTP transport or filters/clients at another
time decide what to do or if they decide agains RFC2821 or RFC2822, is
IMHO not in the scope of this group.
The only question with the latter is whether these checks are useful
with regards to DNS accessability at that time.
\Maex
--
SpaceNet AG | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development | D-80807 Muenchen | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
proportional to the amount of vacuity between the ears of the admin"