John L wrote:
Tell me, do you pass viruses and phishing along to your users, or do you
filter them at the border?
Neither. Sometimes I filter at the border, sometimes when I'm tuning
filters or collecting statistics, I let them go another hop or two
before I catch them. What's the point of making this false choice?
For all intents and purposes, an AR header across an administrative
domain might just as well be viewed as a phishing attempt since it
may well be trying to give a false sense of security to some victim.
Since I've already addressed this point three times, I don't see much
point in going over it again. MTAs keep multiple levels of Received:
headers, too, some of which are faked, and the world hasn't come to an
end.
Received headers aren't trying to cop attitude about something being
"authentic".
Honestly, I have trouble understanding what point you're trying to make.
From what you've been saying, the most straightforward interpretation
would be that you're too dim to imagine that there are mail systems
that don't work exactly the way that yours does. Since I know you're
not, I'm at a loss as to why you keep insisting that I don't run my
mail system the way that I do.
The point I'm trying to make is that net-nanny like pronouncements of
MUST/SHOULD NOT are pointless if an admin thinks some part of their
population is going to be fooled by it: they'll just ignore it and strip
away.
If you don't want strip, be my guest, but don't expect me to run my mail
system to accommodate your corner case.
Mike
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html