ietf-smtp

Re: BATV pseudo-Last Call

2008-05-20 04:30:37

Paul Smith wrote:

[snip]
Can it? Day 234 is after 019 isn't it? Given that the remote server has no way of knowing how long the sending MTA has specified for allowing bounces, this is an assumption that can't automatically be made.

Also, it would be easy for a spammer to just send a message from
batv1=1020bibble=user@example.com

The receiving mail server can't check that 'bibble' isn't a valid signature, so it would accept the message. In any case, a spammer would just send it from user@example.com, as the recipient has no way of knowing that the sender address should be signed.

And if a signature is too short (user-part length limitations), then it won't take long to break.

So, the remote server gains absolutely no benefit from BATV.

Agreed.

That's fine, as it doesn't seem that the remote server is supposed to gain any benefit. It's the spoofed domain's MTAs which can gain the benefit.

But then why standardize the format? Anybody can use "internal aliases" of any form (aka disposable addresses).
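
An added example, not part of the message above or of the BATV draft: a sketch of how the signing domain's own MTA could check a tagged bounce address, including the day-number wraparound questioned in the thread. The `batv1=KDDDSSSSSS=local` layout, the truncated HMAC-SHA1, the key and the 7-day lifetime are all assumptions made for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # hypothetical secret, known only to the signing domain
LIFETIME_DAYS = 7              # local policy; a remote server cannot know this value

def _mac(key, k, ddd, local, domain):
    # 6 hex chars = 24 bits: short enough to fit the local part, and to brute-force
    msg = (k + ddd + local + "@" + domain).encode()
    return hmac.new(key, msg, hashlib.sha1).hexdigest()[:6]

def sign(local, domain, today, key=KEY, lifetime=LIFETIME_DAYS):
    """Tag a local part as batv1=KDDDSSSSSS=local (assumed layout)."""
    ddd = "%03d" % ((today + lifetime) % 1000)  # expiry day number, modulo 1000
    return "batv1=1%s%s=%s" % (ddd, _mac(key, "1", ddd, local, domain), local)

def verify(tagged, domain, today, key=KEY, lifetime=LIFETIME_DAYS):
    """Classify a bounce recipient as seen by the signing domain's own MTA."""
    parts = tagged.split("=", 2)
    if len(parts) != 3 or parts[0] != "batv1" or len(parts[1]) != 10:
        return "unsigned-or-malformed"
    k, ddd, sig, local = parts[1][0], parts[1][1:4], parts[1][4:], parts[2]
    if not ddd.isdecimal():
        return "unsigned-or-malformed"
    expected = _mac(key, k, ddd, local, domain)
    if not hmac.compare_digest(expected.encode(), sig.encode()):
        return "bad-signature"
    # Days until expiry, modulo 1000, so a wrap from day 999 to day 000 still works.
    # Only the signer knows `lifetime`, so only it can tell "future" from "long past".
    if (int(ddd) - today) % 1000 > lifetime:
        return "expired"
    return "valid"

if __name__ == "__main__":
    addr = sign("user", "example.com", today=13995)   # constructed day number
    for day in (13998, 14010):
        print(day, addr, verify(addr, "example.com", day))
    print(verify("batv1=1020bibble=user", "example.com", 14015))
```

Here `today` is an integer day count supplied by the caller; the address signed on day 13995 carries expiry day `002`, which is numerically smaller than the signing day's `995` yet still in the future.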
