Douglas Otis <dotis(_at_)mail-abuse(_dot_)org> wrote:
How does one establish a mix of divergent approaches? A chain
of trust is broken when each node checks a different mailbox-domain. It
is also seems inappropriate to misapply a record intended for a
different mailbox-domain.
I agree completely.
We should start with fields which have simple, well-known semantics
such as EHLO, and then work our way to fields which have complex,
poorly understood semantics.
Handing multiple accountable identities is daunting, especially when
a change in convention between administrative domains makes spoofing
easy.
If we ensure that the MTA's are individually accountable, and that
each message is authenticated and tracked through the system, then
spoofing becomes much more difficult.
SMTP is not currently such a system.
Alan DeKok.