Procedural note, each time I reply to a mail from this individual
he has a robot send me spam. If he is serious about stopping spam
he will shut his robot up.
Absolutely. At 2821 stage, we currently have ONE un-ambiguous
sender identity, which is MAIL FROM.
As has been explained at length in this forum, MAIL FROM is not
un-ambiguous. In fact the real semantics of the field as defined
by the protocol are that it is the bounce address.
It is obvious to common sense that we should base our
controls upon the
provided identity that is given to us, rather than having to
reinvent, dig
out from the 2822 headers thru complex circonvolutions or
whatever, another
It seems obvious to me that a mail authentication mechanism should
try to authenticate the mechanism that is seen by the user, accepting
that we may need to get MUAs to act in a more coherent manner.
The RFC 2821 / RFC 2822 distinction is really not relevant to
this, the message format and the transport have numerous
interactions and in any case we would be breaking the model of
total separation of concerns between layers by introducing an
interaction between IP layer transport and the application layer.