On Monday, June 28, 2004 5:30 PM, Matthew Elvey
[mailto:matthew(_at_)elvey(_dot_)com] wrote:
Still isn't clear to me. You've still got a MAY in the first
paragraph, followed by a SHOULD in the second. One should
have precedence (also I don't see why one is MAY and the
other SHOULD).
OK, here's a proposed revision to the two paragraphs in 4.2 we've been
discussing:
If the above tests indicate that the connecting SMTP client is not
authorized to transmit e-mail messages on behalf of the SUBMITTER
domain, the receiving SMTP server SHOULD reject the message using
"550 5.7.1 Submitter not allowed."
If the receiving SMTP server allows the connecting SMTP client to
transmit message data, then the server SHOULD determine the purported
responsible address of the message by examining the RFC 2822 message
headers as described in [SENDER-ID]. If this purported responsible
address does not match the address appearing in the SUBMITTER
parameter, the receiving SMTP server MUST reject the message using
"550 5.7.1 Submitter does not match header."
So there is an ordering here:
- First, the receiver checks the to see if the SUBMITTER domain passes
the Sender ID check.
- Second, if the receiver decides to accept message data (either because
SUBMITTER passed the check, or because SUBMITTER failed the check but
the receiver decided to accept message data anyway) then the receiver
should ensure the SUBMITTER value matches the PRA and reject if there's
a mismatch.
Got the s/firm/entity/ fix?
Yes.