ietf-mxcomp

Re: Can you ever reject mail based on RFC2821 MAIL FROM?

2004-04-23 09:20:42


"Harry Katz" <hkatz(_at_)exchange(_dot_)microsoft(_dot_)com> wrote:

So, I would like to propose a challenge to the MAIL FROM advocates:

Come up with a scheme or set of conditions that enables receivers to
correctly reject messages based solely on RFC2821 MAIL FROM.  This
scheme must work in the face of forwarders who have not implemented SRS,
VERP or any similar mechanisms since they are likely to represent the
majority of forwarders for the foreseeable future and will remain
present on the Internet indefinitely.

Signed sender addresses achieve this when combined with either callback
verification (which people are using already) or with public keys in the
DNS. As well as protecting against forgery of outgoing email, SSAs protect
against collateral spam and other bounce attacks without requiring
co-operation from third parties.

-- 
Tony Finch  <dot(_at_)dotat(_dot_)at>  http://dotat.at/
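
As an added illustration (not part of the original message and not the poster's own code), a minimal sketch of signed sender addresses as checked by callback verification: the sending domain tags its outgoing MAIL FROM with a keyed MAC, and its MX refuses RCPT TO under the null sender, which is what bounces and callback probes use, unless the tag verifies. The `ssa=` tag layout, the key, the seven-day lifetime and all function names are assumptions made for this example.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"  # assumption: per-domain signing key
TAG_LIFETIME_DAYS = 7             # assumption: how long a signed address stays valid


def _mac(local, domain, expiry_day):
    """Keyed MAC binding the mailbox to its expiry day (truncated for brevity)."""
    msg = f"{expiry_day}:{local}@{domain.lower()}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()[:12]


def sign_sender(address, today):
    """Rewrite user@domain to ssa=<expiry>=<mac>=user@domain for use as MAIL FROM."""
    local, domain = address.rsplit("@", 1)
    expiry = today + TAG_LIFETIME_DAYS
    return f"ssa={expiry}={_mac(local, domain, expiry)}={local}@{domain}"


def verify_recipient(rcpt, today):
    """Return the original mailbox if rcpt carries a valid, unexpired tag, else None."""
    local_part, _, domain = rcpt.rpartition("@")
    parts = local_part.split("=", 3)
    if len(parts) != 4 or parts[0] != "ssa" or not parts[1].isdecimal():
        return None
    expiry, mac, local = int(parts[1]), parts[2], parts[3]
    if today > expiry:
        return None  # expired tags stop replay of old signed addresses
    if not hmac.compare_digest(mac, _mac(local, domain, expiry)):
        return None  # forged or altered tag
    return f"{local}@{domain}"


def accept_rcpt(mail_from, rcpt, today):
    """RCPT TO decision at the signing domain's own MX.

    A null reverse-path means a bounce or a callback probe; it is accepted
    only when addressed to a signed address this domain issued. Ordinary
    mail is left to other policy.
    """
    if mail_from == "":
        return verify_recipient(rcpt, today) is not None
    return True


if __name__ == "__main__":
    day = 12530  # constructed day number (days since the epoch)
    signed = sign_sender("dot@example.org", day)  # constructed address
    print(signed)
    print(accept_rcpt("", signed, day + 1))             # genuine bounce or callback
    print(accept_rcpt("", "dot@example.org", day + 1))  # bounce for a forged sender
```

A receiver doing callback verification sees the second case as a rejected RCPT TO and can refuse the forged message; no forwarder in between has to rewrite anything.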