--Greg Connor <gconnor(_at_)nekodojo(_dot_)org> wrote:
I still think that it's important to state one policy for both for 99% of
domains. In other words, for MY domain, I want ALL protection available,
and I don't want to do extra steps to opt-in to MAIL FROM/HELO/Header
checks.
In case it's not clear, this means that I *disagree* strongly with Margaret
(and Wayne, and Meng) on this point, though I wholeheartedly agree with all
of them on many other points.
I really do NOT want to see 2821 and 2822 worked on in isolation from each
other. I don't want to split up our efforts. I don't want to duplicate
our work. I *certainly* don't want to end with with different mechanisms.
I don't want to apply hard work to both proposals and later find one going
strong and the other totally marginalized. I do not want to see "separate
but equal" codified by this group.
Let's take a moment to review the charter.
It would be useful for those maintaining domains and networks
to be able to specify that individual hosts or nodes are authorized
to act as MTAs for messages sent from those domains or networks.
This working group will develop a DNS-based mechanism for
storing and distributing information associated with that
authorization.
The primary current use case for this facility is to allow recipient
MTAs to confirm that peer MTAs' actions are authorized by
specific domains or networks.
NOTHING I have seen so far suggests that the methods used for 2821 and 2822
validation are incompatible, ESPECIALLY when we are already limiting
ourselves to "a DNS-based mechanism... to specify that individual hosts or
nodes are authorized to act as MTAs for messages sent from those domains or
networks" Yes, there are differences here and there, but the fundamental
concept is the same.
YES this will be HARD work. So let's get to it. Are people just afraid of
the hard work it takes to iron out a common system? Or are we all
quibbling over differences because our pet proposals work better for one
thing than the other? Who can tell me a good reason why we shouldn't
accept Andy's proposal and move on?
OK rant mode off... for now :)
gregc
--
Greg Connor <gconnor(_at_)nekodojo(_dot_)org>