On Wed, 2004-09-15 at 10:24 -0700, Rand Wacker wrote:
On Wed, 15 Sep 2004, Tony Finch wrote:
I agree. I also think that in this scenario the mechanism should be CSV
rather than SPF, because CSV is vastly more efficient and less abusive of
the DNS.
And less abusive of the forwarders.
My worry about the current direction to standardize a mailfrom scope is
that there hasn't been a lot of technical discussion about the implication
of changing the return paths by the group.
The rewriting using SRS or the Resent-From:^WForwarded-For: header has
been bolted on almost as an afterthought, to patch up the bits where the
original assumptions of the mailfrom or pra scopes respectively don't
quite match reality.
You seem to be correct that there hasn't been much discussion about how
they affect the operation of the overall scheme. In fact I think there
hasn't even been a lot of _thought_ about the implications.
Having considered the implications myself, I believe that the mere
_possibility_ of SRS or the header addition means that each of the
mailfrom and pra scopes becomes nothing more than a way to determine the
trustworthiness of the _individual_ mail host which is submitting the
mail in question.
There are better ways to determine the trustworthiness of a mail host,
without the requirement for the whole world to be 'upgraded'.
--
dwmw2