-----Original Message-----
From: Jon Kyme [mailto:jrk(_at_)merseymail(_dot_)com]
Sent: Friday, April 23, 2004 2:46 AM
To: Harry Katz
Cc: IETF MARID List
Subject: Re: Can you ever reject mail based on RFC2821 MAIL FROM?
So, I would like to propose a challenge to the MAIL FROM
advocates:

I wouldn't consider myself an "advocate" but...
publisher says something like:
"mydomain.example.com: only nnn.nnn.nnn.nnn applies_to 'MAIL FROM'
# we know this means our mail might not be forwarded
# but we're OK with that.
# And indeed, we're sure that our recipients are OK with that.
# Besides, it makes our stupid email disclaimers slightly
# less stupid
"
Now, *you* tell me what's wrong with that.

Sorry, Jon, that won't work.
Suppose alice(_at_)mydomain(_dot_)example(_dot_)com sends mail to
bob(_at_)alumni(_dot_)almamater(_dot_)edu. But bob has set up forwarding
of bob(_at_)alumni(_dot_)almamater(_dot_)edu to bob(_at_)company(_dot_)com.
On the first hop from mydomain.example.com to alumni.almamater.edu, the
message has MAIL FROM: alice(_at_)mydomain(_dot_)example(_dot_)com.
Everything's cool.
On the second hop from alumni.almamater.edu to company.com, the message
still has MAIL FROM: alice(_at_)mydomain(_dot_)example(_dot_)com because
alumni.almamater.edu hasn't implemented SRS, say.
Now company.com does the check of MAIL FROM and erroneously rejects the
mail because it is coming from alumni.almamater.edu's MTA which has the
wrong IP address.
QED
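
The two-hop case walked through above, as an added example that is not part of the original message: a receiver-side MAIL FROM check run at each hop, with and without the forwarder rewriting the envelope sender. The IP addresses, the function names and the rewritten address format (a simplified stand-in for SRS, not its real encoding) are assumptions made for illustration.

```python
# Added example: models the forwarding case from the message above.
# All IP addresses are constructed (RFC 5737 documentation ranges).
from ipaddress import ip_address

# Published policy: the only IPs allowed to use a domain in MAIL FROM.
POLICY = {
    "mydomain.example.com": {ip_address("192.0.2.10")},
    "alumni.almamater.edu": {ip_address("198.51.100.25")},
}

def check_mail_from(client_ip, mail_from):
    """Receiver-side check: is the connecting IP listed for the MAIL FROM domain?"""
    domain = mail_from.rsplit("@", 1)[1].lower()
    allowed = POLICY.get(domain)
    if allowed is None:
        return "none"  # domain publishes nothing, so no basis to reject
    return "pass" if ip_address(client_ip) in allowed else "fail"

def forward(mail_from, forwarder_domain, rewrite):
    """Forwarder keeps MAIL FROM verbatim, or rewrites it into its own domain.
    The rewritten form is a simplified stand-in for SRS, not the real encoding."""
    if not rewrite:
        return mail_from
    local, domain = mail_from.rsplit("@", 1)
    return f"fwd+{domain}+{local}@{forwarder_domain}"

def trace(rewrite):
    """Return the check result at each hop for alice's message to bob."""
    sender = "alice@mydomain.example.com"
    # Hop 1: mydomain.example.com's MTA connects to alumni.almamater.edu.
    hop1 = check_mail_from("192.0.2.10", sender)
    # Hop 2: alumni.almamater.edu's MTA connects to company.com.
    envelope = forward(sender, "alumni.almamater.edu", rewrite)
    hop2 = check_mail_from("198.51.100.25", envelope)
    return hop1, hop2, envelope

if __name__ == "__main__":
    for rewrite in (False, True):
        print("rewrite MAIL FROM at forwarder:", rewrite, "->", trace(rewrite))
```

Without rewriting, the second hop fails because the connecting IP belongs to the forwarder while MAIL FROM still names the original domain; with rewriting, the check is made against the forwarder's own policy.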