ietf
[Top] [All Lists]

Need for secured email delegation workflow

2017-07-12 02:04:20
Hi,

First of all, I am kind of new and still learning how email infrastructure
fits in, so please feel free to highlight any glaring issues with my logic.

I was working on implementing Email Delegation for my email server, and
felt a need to highlight a couple of things.

1.) I could not find a place where this workflow is outlined. It seems like
everyone, from Microsoft to Google, have an implementation for email
delegation, and they are all kind of doing their own thing.

2.) As I could not find any RFC/Internet Draft covering this flow, I could,
potentially, create a really bad email delegation implementation in which I
could allow potentially anyone to send mails on behalf of anyone, and I
will still be, say, RFC-2822 compatible (I may be incorrect here, but I
could not really find any place which would restrict a user from sending an
email on someone's behalf, by editing the "Sender" header before sending an
IMAP request.)

Am I missing something here? Is this something which should be an Internet
draft/RFC?

-- 

Regards,
Vaibhav Singh