Re: Comments (II) on draft-church-dns-mail-sender-02.txt

2002-08-29


Andrew Church wrote:

    "In cases where a message is forwarded through one or more MTAs before
     reaching its final destination [...], the MTA at the message's
     destination will typically reject the message when the forwarding MTA
     fails to respond properly to an MS challenge for the sender's domain.
     Thus, MTAs which forward messages should modify the sender address of
     such messages to one which they can respond to an MS challenge for.
     However, depending on circumstances, it may be appropriate for the MTA
     to record elsewhere in the message the original sender address."

Ah, I have got the idea. However, you might want to consider discussing
the following in your draft:

(1) Section 1 is confusing since it is about "Forged Headers".

(2) How serious is the problem of "Sender Address" compared to
    the "Forged Headers"?

(3) Why use a complicated cryptographic challenge mechanism? AFAIK, it is
    quite common for a current receiving MTA to reject emails that come
    from a host with no reverse "" information. Furthermore,
    why not use the MS RR to list the MTAs that are allowed to use the
    sender address of the domain?
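As an added illustration (not part of the draft or of this thread) of the forwarding problem in the quoted passage and of the alternative raised in point (3), the following Python model lets a receiving MTA look up a per-domain list of permitted sending hosts, then runs a message through direct delivery, through a forwarder that leaves the envelope sender alone, and through a forwarder that rewrites it as the draft recommends. The record shape in MS_RECORDS, the domains, addresses and function names are all assumptions made for the example; the real MS RR syntax is not defined on this page.

```python
"""Toy model of sender-address checking with a per-domain host list.

Added example, not code from the draft or the mailing list.  The record
layout, domains and IP addresses below are constructed for illustration.
"""
from typing import Dict, List

# Hypothetical stand-in for an "MS RR" used the way point (3) suggests:
# domain -> hosts allowed to put that domain in the envelope sender.
MS_RECORDS: Dict[str, List[str]] = {
    "example.org": ["192.0.2.10"],          # example.org's own outbound MTA
    "forwarder.example": ["198.51.100.5"],  # the forwarding MTA's own domain
}


def sender_domain(address: str) -> str:
    """Domain part of an envelope sender, lower-cased for the lookup."""
    return address.rsplit("@", 1)[-1].lower()


def ms_check(mail_from: str, client_ip: str) -> bool:
    """Receiving MTA's check: is the connecting host listed for the
    sender's domain?  A domain without a record fails (assumed policy)."""
    allowed = MS_RECORDS.get(sender_domain(mail_from))
    if allowed is None:
        return False
    return client_ip in allowed


def deliver(message: dict) -> str:
    """Destination MTA decision based only on the check above."""
    ok = ms_check(message["mail_from"], message["client_ip"])
    return "accept" if ok else "reject"


def forward(message: dict, forwarder_ip: str,
            forwarder_domain: str, rewrite: bool) -> dict:
    """Relay through a forwarding MTA.  The next hop now sees the
    forwarder's IP.  With rewrite=True the forwarder takes over the
    envelope sender (so it can answer for the domain) and records the
    original sender elsewhere in the message, as the draft recommends."""
    out = dict(message)
    out["client_ip"] = forwarder_ip
    if rewrite:
        out["original_sender"] = message["mail_from"]
        out["mail_from"] = "forwarded@" + forwarder_domain
    return out


def simulate(rewrite: bool) -> dict:
    """Run one message along the direct path and along the forwarded
    path; return the destination MTA's verdict for each."""
    msg = {"mail_from": "alice@example.org", "client_ip": "192.0.2.10"}
    relayed = forward(msg, "198.51.100.5", "forwarder.example", rewrite)
    return {
        "direct": deliver(msg),
        "forwarded": deliver(relayed),
        "original_sender": relayed.get("original_sender"),
    }


if __name__ == "__main__":
    for mode in (False, True):
        print("rewrite=%s -> %s" % (mode, simulate(mode)))
```

Without rewriting, the forwarded copy is rejected because the forwarder's address is not listed for example.org, which is exactly the case the quoted paragraph describes; with rewriting, the check passes for forwarder.example and the original sender survives in a separate field. A host that simply forges alice@example.org from an unlisted address is rejected either way.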

