[Top] [All Lists]

Re: rfc2821bis-03 Issue 32: "MUST take responsibility"

2007-04-26 09:53:12

Peter J. Holzer wrote:

1) The entity responsible for sending the message (the "real sender")
2) The entity indicated by the reverse-path in the MAIL command (the
   "alleged sender")


And while I think that an MTA should make every effort to determine
whether it can deliver the message before taking responsibility for it,
I concede that there are situations where the MTA can only determine
that it won't be able (or willing) to deliver the message AND that the
reverse-path is very likely to be forged after it has accepted the
message. In that case I believe it is better to silently drop the
message than to send a NDN to an entity which is almost certainly not
the real sender.

Therefore I think that should only be a SHOULD, not a MUST. I'm not too
happy with just changing MUST to SHOULD, though. Maybe a longer
discussion of the alternatives is in order.

Well, I think we need to define exactly what is meant by:

      "properly reporting the failure [to deliver a message]"

Currently, I think everyone understands "properly reporting the
failure to deliver" to mean either a 5yz code during the SMTP session,
or a NDN to the Return-Path.  I think it's opening a huge can of worms
to allow any other meaning of a "proper failure report."  I also think
it's inevitable that SMTP server implementations will violate this
requirement for various policy reasons.

So I think a SHOULD is the only way around it.