Re: public key BATV isn't useful

Tony Hansen wrote:
> Paul, The original idea behind BATV was so that 1) the original 
> sending MTA can protect itself such that 2) non-delivery reports for 
> messages originally sent from there can be differentiated from 3) 
> non-delivery reports that are being sent in response to messages *not* 
> originating from that sending MTA. That is, NDRs from your users (#2) 
> will come back using your BATV tagging, whereas NDRs from spammers 
> (#3) will come back without using your BATV tagging, and your system 
> (#1) can happily ignore the #3 NDRs.
Ah. I think I seem my problem... I looked at the BATV spec as a newcomer 
to BATV rather than someone who had known about it for ages...
The BATV introduction is misleading. It doesn't mention anything about 
the reasoning behind BATV that you state, and the introduction says 
things like "This assessment could aid in deciding whether to *send* a 
bounce message, thereby reducing the Internet mail infrastructure cost 
for transmitting notification messages in response to addresses used 
without permission." (emphasis mine) - thus implying that the thing 
sending the bounce message (ie NOT your own server - that should already 
know that the address was used legitimately) is the thing checking the 
BATV tags. To do that, you MUST have public key BATV tagging, private 
key tagging doesn't make sense.
So, I think the introduction needs to have something in it about the 
rationale, reasoning and purpose behind BATV, as I obviously 
misunderstood it, and even though I've now had my mistake explained to 
me, I still can't see anything in the spec which explains it...
--
Paul Smith

VPOP3 - POP3/SMTP/IMAP4/Webmail Email server for Windows