ietf-mxcomp
[Top] [All Lists]

RE: Can you ever reject mail based on RFC2821 MAIL FROM?

2004-04-27 12:06:03

Yes, I understand this. MARID doesn't propose anything to do with 
authorization though, so you confused the issue for me (and I hope 
others). Without authorization this way of looking at MARID buys you 
nothing as far as I can see.

Authorization = Accreditation + Heuristics.

Even if you don't believe in accreditation, it is pretty easy to
build useful rule bases for authentorization using the method I
described.

This *is* different to the SPF proposal (and other LMAP schemes that 
propose to reject on MAIL FROM), which aim to stop invalid 
bounces for mail I didn't send.

Under what circumstances?

Purported sender implements SPF publication
Receiver implements SPF verification
Receiver does not bounce message from false sender

Seems like a lot of adoption has to take place to get value.

I am arguing that suppressing the fake bounce messages is simply one
immediate payoff from a much more general purpose technology.

Incidentaly for a bounce message we have:

2821 From = <>
2822 From = <>

So if that is all we are trying to do one wonders what the 2821/2822
argument is about.


<Prev in Thread] Current Thread [Next in Thread>