On Sun, 15 May 2005 18:23:55 PDT, David MacQuigg said:
> The proposal is to add an ID command to the SMTP exchange, after EHLO, but
> before MAIL. My main concern is backward compatibility. Here are the
> relevant paragraphs:
>
> EHLO mailserver7.my-company.com
> ID mycompany.com
> MAIL FROM: bob@sales.my-company.com
You get the point:
> Unfortunately, there is no agreement on how this should be done.
> Some believe firmly that it should be done in the EHLO command at the
> start of each session, others insist that it should be done in the
> MAIL command with each email. Still others think the true Identity
> should be extracted from one or another of the email headers that the
> recipient actually sees. Adding to the confusion is the fact that
> each of these identities may legitimately differ from the Identity
> that is to be authenticated, and may differ in having extra
> "subdomain" labels that are not easily separated from the Identity to
> be checked.
and then promptly decide to ignore it. The reason that there is disagreement
is that the different choices have different semantics. In addition, many of
the schemes involve the inability of the sender to overload a field. So for
instance, if you're trying to send a phish using a MAIL FROM: of @ebay.com,
you're *stuck* with that MAIL FROM.
Your proposal would allow:
EHLO mailserver-7.my-company.com
ID some-spammer-controlled-domain-that-will-verify.com
MAIL FROM:<moby-phisher@ebay.com>
In addition, being able to pick-n-choose and feed the value from a MAIL FROM
to a scheme that wants to verify EHLO or the PTR of the source just opens up
a lot of attacks.
So how exactly does this improve the situation?
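The receiver-side check that this objection implies, as an added illustration that is not part of the thread: a receiver that lets a separately verified ID vouch for MAIL FROM has to require the two identities to agree, allowing only the "extra subdomain labels" case the quoted draft mentions. The ID verb is the proposal's hypothetical one, and the domains are the constructed ones from the messages above.

```python
"""Consistency check between a proposed SMTP ID assertion and MAIL FROM.

Added illustration, not code from the thread. It models the objection
above: an ID given after EHLO can be verified on its own, so a receiver
that wants ID to cover MAIL FROM must also check that the two identities
agree. The ID verb is hypothetical; the domains are constructed.
"""
import re


def parse_session(commands):
    """Pull the EHLO host, ID domain and MAIL FROM address out of the
    command lines a client sent before DATA. Returns a dict."""
    found = {"ehlo": None, "id": None, "mail_from": None}
    for line in commands:
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()
        if verb == "EHLO":
            found["ehlo"] = arg.strip().lower()
        elif verb == "ID":
            found["id"] = arg.strip().lower()
        elif verb == "MAIL":
            m = re.match(r"FROM:\s*<?([^<>\s]+)>?", arg, re.IGNORECASE)
            if m:
                found["mail_from"] = m.group(1).lower()
    return found


def within_domain(name, domain):
    """True if name equals domain or is a subdomain of it, matching on
    label boundaries so 'notmy-company.com' is not under 'my-company.com'."""
    return name == domain or name.endswith("." + domain)


def id_binds_mail_from(commands):
    """Policy: accept the ID assertion as covering MAIL FROM only when the
    MAIL FROM domain is the ID domain or a subdomain of it. Returns
    (ok, reason) so a receiver can log why a session was not trusted."""
    s = parse_session(commands)
    if not (s["id"] and s["mail_from"]):
        return False, "ID or MAIL FROM missing"
    _, _, from_domain = s["mail_from"].rpartition("@")
    if not from_domain:
        return False, "MAIL FROM has no domain"
    if within_domain(from_domain, s["id"]):
        return True, "MAIL FROM %s is within ID %s" % (from_domain, s["id"])
    return False, "ID %s does not cover MAIL FROM domain %s" % (s["id"], from_domain)
```

With this policy the legitimate session (ID my-company.com, MAIL FROM under sales.my-company.com) passes, while the session in the reply above, where the verified ID is unrelated to the ebay.com MAIL FROM, is refused.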