I think you mean SRS (sender rewriting system) not SES (which is
cryptographic signatutures in envelope from). Other then that I agree
but would note that original source routes were such that sender
set how the email is to be routed for direct email and with SPF
and SRS this only only for bounce messages.
On 30 Nov 2004, John Levine wrote:
After further deliberation about source routing and SPF, I have come
around to the conclusion that Frank is to some degree right, and if
you want to use SPF/Sender-ID, you should use source routes.
SPF, after all, simply reintroduces source routes into Internet mail,
a decade or so after they disappeared. SPF and Sender-ID assert that
some paths for a particular message are valid and others aren't.
Well, OK, that's just what source routes do. In particular, SES and
its ilk are just clumsy recreations of source routes.
If a(_at_)a sends mail to b(_at_)b which then forwards it to c(_at_)c, the
return
path on the second hop should be <@b:a(_at_)a> which says exactly what SES
would, this message was from a(_at_)a but if you want to write back, you
need to send your response via b. Host b needs somehow to remember
that this particular relay is OK, but that's not new.
RFC 2821 says that source routes are deprecated except in unusual
circumstances, but MTAs should handle them if they see them. Relative
to the past 20 years of e-mail, I'd have no trouble calling SPF
unusual.
Regards,
John Levine, johnl(_at_)taugh(_dot_)com, Taughannock Networks, Trumansburg NY
http://www.taugh.com
--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net