On Tue, 20 May 2008, Ned Freed wrote:
If the client can't use its normal submission server then I don't see
what use a message submission protocol extension would be :-)
Firsst of all, I said nothing about not being able to use. There are
plenty of reasons (speed, policy, separate environment) why I might be
able to reach one server but prefer or be required to actually use
another for submission.
I think this points out something important that could perhaps be made
more explicit in the specification. BATV is designed for the usage model
where you must use the domain's submission servers if you want to send
email claiming to be from that domain, and all the submission servers must
implement BATV. (It has a lot in common with DKIM in this respect.) So if
you deploy BATV and you have users with configurations that don't conform
with this model, they'll have to change even if that makes submission
slower or less convenient. If you deploy BATV and your policies say
clients on such-and-such a network must use such-and-such a submission
server, then that submission server had better be configured to correctly
tag messages for all the relevant domains, or you must adjust your
policies.
So I think all the reasons quoted above are, by design, not supported by
BATV. I also don't think there's any point in adapting BATV to remove this
limitation unless the same adaptations work for DKIM or origin-domain
security protocols in general.
Tony.
--
f.anthony.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
FORTIES: NORTHWESTERLY BECOMING VARIABLE 3 OR 4. MODERATE. FAIR. GOOD.