-----Original Message-----
From: Roy Badami [mailto:roy(_at_)]
Sent: Wednesday, 21 July 2004 5:15 AM
To: Terje Petersen
Cc: ietf-mxcomp(_at_)imc(_dot_)org
Subject: RE: MTAs should focus on email TRANSPORT not email CONTENT
"Terje" == Terje Petersen <terje(_at_)excelan(_dot_)com(_dot_)au> writes:
Terje> 2. Dump messages where FROM <> SUBMITTER.
But an MTA can reject the message at the MTA level. Quietly dumping
messages anywhere is a bad thing, and it violates the spirit of the
reliable mail delivery prinicple, even if perhaps not the letter.
-roy
=================================
=== RESPONSE FROM TERJE BELOW ===
=================================
Having thought about this some more it is now even more obvious to me
that the MUA can easily handle this job without "dumping" email
silently.
The MTA receives a command such as:-
MAIL FROM:<fred(_at_)domain(_dot_)com>
SUBMITTER:<wendy(_at_)foo(_dot_)com>
Now even before we look at content both email addresses MUST pass an SPF
check and be authorised (and arguably confirmed correct).
So if the MUA subsequently finds that the email content is malformed
because
it does not have the correctly matching headers then the email can be
safely
bounced by the MUA back to fred. After all that address was
authenticated
previously by the MTA.
And whether the MUA bounces the message or the MTA bounces the message
the
entire content had to be received first up anyway.
And at the risk of flogging a dead horse I will just say once again
there is
nothing stopping proprietary solutions from incorporating MUA checks
into
mail gateways. It just that the standards should regard it as an MUA
function.