ietf-mxcomp
[Top] [All Lists]

RE: DEPLOY: Legal liability for creating bounces from forged messages

2004-08-26 13:19:37

Stephane Bortzmeyer asks: 
Is it unrealistic to assume that, if the current Sender-ID becomes a
RFC as it is, nevertheless, some people will use SPF records (as
specified in -protocol) to perform checks on the 2821 MAIL FROM and
not only on the official PRA?  A sort of unofficial "Unified SPF"?

Yes, it's realistic to assume that some software will do this.  The
technical term for such a program is "broken".  :-)

The whole point of having a standard is so that senders know what the
expectations are for the mail they send, and that receivers know what
they should be looking for.  The whole PRA stuff was invented because of
an observation that there's lots of legitimate mail that passes a PRA
check but fails a bounce-address check.

-- Jim Lyon