On Fri, 2004-03-26 at 10:38 -0800, Lou Katz wrote:
This cure may be worse than the disease. As I understand it, you have
totaly disallowed forwarding.
I said MAY not MUST. It becomes _one_ of the options available to a
forwarding host.
Instead the former forwarding machine is to return a 551 and the new
address. But, how does the forwarding machine discover the new
address?
It's in the 551 response. That's what a 551 response is _for_.
What if forwarding is to more than one address. What if the purpose
of forwarding was to shield the final address from discovery?
Then the forwarding host may elect not to do that -- it may elect to to
undertake the more onerous task of accepting the mail and doing some
kind of rewriting like SRS.
But for many forwarding hosts, it will be possible just to give a 551
response with the new address(es), allowing the originating host to send
the mail to its final (or intermediate) destination directly.
You give forwarding hosts an _easy_ option, which they don't _have_ to
take, and you make it far more likely that there will be a general
uptake of SPF-compatibility by those forwarding hosts who are _never_
going to accept something as complex and not-obviously-safe as SRS.
SRS remains, of course, an option for those who don't want to give
redirects for whatever reason.
--
dwmw2