, while it gets no where near real
authentication, the ability to write a pair of rules that say
* if the message comes to "john+bbnk(_at_)example(_dot_)com", and
isn't from an address in the "bigbank.com" domain, it is
trash and can be discarded, and
* if the message appears to come from the "bigbank.com"
and isn't addressed to john+bbnk(_at_)example(_dot_)com", then it
is trash and can be discarded.
turns out to be a powerful tool that is not easily defeated and
that does not require multiple handshakes between recipient and
putative sender.
I've been using it for years, and entirely agree.
Keith
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf