ietf-mxcomp
[Top] [All Lists]

RE: (DEPLOY) In Support of Sender ID

2004-09-03 13:42:26

Rand Wacker wrote:
Sender ID also has a more graceful workaround for the forwarding hops that
want to become compliant.

Yes, and the "graceful workaround" is also an open backdoor for injecting
forged DSNs. That is a technical failing.

Rand Wacker wrote:
SRS has some severe technical failings, so much so that source routing
was completely abandoned 15 to 20 years ago as unworkable.

SRS has no technical failings AFAIK, and it is being used successfully by
quite a few people on several MTA platforms. It isn't aesthetically
pleasing, but that isn't a technical fault. And your reference to source
routing makes me doubt you even understand what SRS is... How is source
routing relevant to SRS?

Rand Wacker wrote:
Everyone knows that there are limitations to what Sender ID can do, but it
brings a good enough benefit to a large enough percentage of mail that it
is worth moving forward with (as long as the licensing issues can be
worked out).

The MARID charter is "authenticate mail transfer".

The MARID charter isn't "make the largest percentage of existing mail
transfer appear to be authenticated".

There is a big difference between these two. The former means that an MTA
implementing MARID will be able to authenticate all mail from a domain
publishing MARID, now and in the future.

SenderID currently falls in the latter. An MTA implementing SenderID will
receive some types of mail which appear authenticated, but are not. In my
experience, partial protection is no protection at all.

Michael R. Brumm