mail-vet-discuss
[Top] [All Lists]

Re: [mail-vet-discuss] Draft as of 7/17/2007

2007-08-14 22:31:10
At 17:05 14-08-2007, Murray S. Kucherawy wrote:
I'm not sure I totally agree with this. If for example the border MTA elects to encapsulate the SMTP client information in an additional header field or some such, an internal MTA could later carry out the SPF/Sender-ID test. By that logic, any of the tests we know about could be done anywhere as long as all the required data are somehow available.

It all comes down to which headers to trust. Conceptually, if you are going to trust the Authentication-Results: header, we could also trust a header that conveys SMTP information.

Can the MUA not make a judgement about the "makes sense" question on its own if that's actually an issue?

What "makes sense" to me may not make sense to you as you may have a better understanding of the issues involved. I would prefer the MUA not to make a judgement call about that especially when it is operating in an environment prone to malware.

Regards,
-sm
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
<Prev in Thread] Current Thread [Next in Thread>