Andrew Newton wrote:
On Apr 22, 2004, at 8:51 PM, Ted Hardie wrote:
It also strikes me that there are some folks who are looking at
this from a much more general case and want to understand
which headers it would be useful to *validate* (full stop).
That's a different problem space; s/mime has taken it on,
as has PGPMime. There may well be more useful methods
to be found in that arena (and judging from uptake I hope so), but it is
a different problem space at least as I understand it, because validating
the header content goes beyond describing a relationship
to an administrative domain. At least in my view, it also goes beyond
the kind of check we'd assign to an MTA in the usual mail
flow.
A good point. I certainly had made an assumption about the meaning of
validating headers in this context. But are we all on the same page?
And as I think about it, the confusion could be applied to both 2821 and
2822.
So, is there anybody here thinking of validation of these identities
beyond the domain part of an email address (or the equivalent for
HELO/EHLO)?
I don't think so, I think that pretty much every agrees that we match
IPs to domains. The question is where the IP comes from.
I think that part of what Ted is refering to above is the use of
Received headers information in the MUA which lacks access to the IP
address of the incoming SMTP connection. The Received headers will be
used to figure out the edge MTAs and then compare that data against the
MARID records. This is what CID does and SpamAssasin with SPF data.
HOWEVER, on MTA level this does not need to be done since the IP address
is known. Of course the question of checking messages before the reply
to the DATA command is interesting.
Yakov
-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"And this too shall come to pass"
-------