ietf-mxcomp

Re: TECH OMISSION: Stronger checks against email forgery

2004-09-07 06:50:16

On Tue, 7 Sep 2004, Yakov Shafranovich wrote:
> Tony Finch wrote:
> > On Fri, 27 Aug 2004, Jim Lyon wrote:
> > >
> > > I continue to disagree.  There are too many scenarios where the bounce
> > > address is uncorrelated with the MTA that's delivering a message; this
> > > means that any scheme that attempts to reject mail based on those two
> > > inputs (bounce address and IP addr of sending MTA) will have too many
> > > false rejections.
> >
> > What makes the PRA different from the bounce address from this point of
> > view?
>
> The PRA algorithm tries to guess the most recent "Sender" for the message -
> i.e. the one that is being used for this SMTP hop. The bounce address on the
> other hand originates from the original hop and stays that way throughout
> multiple SMTP hops.

This is also true for the PRA, since no existing MTAs add Resent-From:
header fields when alias-forwarding.

Tony.
-- 
f.a.n.finch  <dot(_at_)dotat(_dot_)at>  http://dotat.at/
DOGGER: NORTHEAST 4 OR 5. FAIR. GOOD.
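
Added example, not part of the original message or of any MTA's code: a Python model of the two identities compared in this thread (bounce address and PRA) across an alias-forwarding hop, with and without a Resent-From: field. The PRA selection is a simplified version of the RFC 4407 order; the message, addresses, IPs and the `resent_from` option are constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed sample message; all addresses and IPs are illustrative.
ORIGINAL = (
    "From: Alice <alice@example.org>\n"
    "To: list-alias@example.net\n"
    "Subject: hello\n"
    "\n"
    "body\n"
)

def _single_mailbox(values):
    """Return the address if the header values hold exactly one mailbox."""
    addrs = [a for _, a in getaddresses(values) if "@" in a]
    return addrs[0] if len(addrs) == 1 else None

def pra(data):
    """Simplified PRA selection: Resent-Sender, Resent-From, Sender, From.
    Assumption: omits RFC 4407's Received/Return-Path ordering check."""
    msg = message_from_string(data)
    for name in ("Resent-Sender", "Resent-From"):
        values = [v for v in msg.get_all(name, []) if v.strip()]
        if values:
            return _single_mailbox(values[:1])   # topmost = most recent
    for name in ("Sender", "From"):
        values = [v for v in msg.get_all(name, []) if v.strip()]
        if len(values) > 1:
            return None                          # ambiguous: no PRA
        if values:
            return _single_mailbox(values)
    return None

def alias_forward(hop, forwarder_ip, resent_from=None):
    """Model the next SMTP hop after alias-forwarding: the envelope sender
    is kept and only the connecting IP changes. resent_from is a
    hypothetical option; the thread notes existing MTAs do not add it."""
    added = f"Received: from forwarder.example.net ({forwarder_ip})\n"
    if resent_from:
        added = f"Resent-From: {resent_from}\n" + added
    return {"client_ip": forwarder_ip, "mail_from": hop["mail_from"],
            "data": added + hop["data"]}

def identities(hop):
    """The two identities a receiver could check against hop['client_ip']."""
    return hop["mail_from"], pra(hop["data"])
```

Calling `identities()` on a hop built with `alias_forward()` returns the same (bounce address, PRA) pair as the original hop while `client_ip` differs; only when `resent_from` is supplied does the PRA move to the forwarder's identity.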