Let me add a little to the requirements list and agree with Nathan
that that is where we should start. Some requirements that do not seem
to be met all that well at present
okay, pet peeve. none of these is a "requirement". requirements are
goals that are so fundamental that failure to meet the goal causes the
whole effort to fail.
it's way too early to try to nail down requirements.
The capacity to determine that the sender is a valid address for
sending email at the site involved
The capacity to determine that the "From" field actually indicates who
the message is from
The capacity to authenticate the sender.
I am not even sure that these are reasonable goals as stated.
The purpose of these suggestions is to take measures which will make
it more difficult to send spam mail of the Viagra type or to circulate
worms and viruses of many types.
Then say that the goals are to make it more difficult to send spam,
worms, and viruses. I think we can all agree on that. Don't
overconstrain the solution by assuming that the problem must be solved
in such-and-such a way.
sorry to single you out - but we have to back away from assumptions
about solutions in order to really understand the problems.
Keith