Hi,
to paraphrase my yesterday's session's question:
Does the SUBMITTER parameter really make sense?
Case 1: The sender is authorized by some domain to
send messages. The message will have to be accepted and therefore
to be transmitted. No benefit in checking the parameter before
transmission. Could do this also after transmission.
Case 2: The sender is not authorized or does not want
to reveal her identity (e.g. spammer). Sender would be stupid
if she gave a SUBMITTER parameter not covering her IP address.
So the sender will certainly do as if she had not yet implemented the
SUBMITTER, i.e. omit it. Message will be transmitted as well.
So what sense does it make to introduce this new extension? Could have
done the same thing better based on header checks after transmission
of message. An additional header entry is much easier to implement or
configure.
The only sense I can see is a smooth transition: E.g. allow both -
submitter and header based checks - until Dec-31 2005 and require
everyone to support it by then. But if this is desired, then this is a
completely wrong way.
In such a case the MARID group should not hide the smooth transition
in a SMTP extension. Instead it should mark this all as a "temporary
ad hoc solution to fight spam and crime now", and reengineer a better
solution then.
Yesterday's answers to my question didn't convince me. On the
contrary. It caused doubts whether this is really a well planned
solution or rather a workaround that does not really work around.
Wouldn't it be better to allow a new header entry line instead?
regards
Hadmut