On Sun, Mar 28, 2004 at 11:19:28AM +0100, David Woodhouse wrote:
Forwarding without modifying the envelope
sender may be an established practice, but I don't believe it's valid.
You are definitely on an uphill tack there.
Thought you might disagree ;-)
You might just as well argue that accepting mail without checking that
it can be delivered, and subsequently generating a bounce, is an invalid
but established practice -- and hence start rejecting all MAIL FROM:<>
Well, sometimes there's no way to avoid it. But I think that there is
an ever-growing responsibility to verify that the mail you're bouncing is
at least somewhat likely to be valid before you do bounce it.
For justification, I'd just point out that a message forwarded in that way
is logically identical to a forgery.
...
The second message obviously _isn't_ a forgery, and it passes CBV -- but
you claim it's "logically identical" to one. I suggest that if that's
logical, your axioms are flawed.
I don't believe that it's reasonable to assume that a forwarder can basically
forge envelopes on the grounds that "there's likely to be some other way to
tell that it's alright really", or to expect a recipient to expend the effort
to check all those other possible ways to tell that your mail is, after all,
valid.
What happens when you decide to use BigCompany's latest whizzy digital
signature mechanism that's only available if you pay them lots? Do you then
expect me to do so in order that you/your forwarders may continue to play
games with your envelopes? The envelope should stand alone, and one should
not rely on other assorted arbitrary and hypothetical information to
determine whether or not it is valid.
If you want a forwarder to be able to send mail as if from you, fine, you
can publish SPF records to permit it. If you want any arbitrary forwarder
to be able to send mail as if from you, also fine; publish appropriate
records (or none at all). But don't expect everyone else to faff about
examining your mail in minute detail to see whether some one of infinitely
many possible other methods could show that it's probably really from you
after all.
That probably sounds harsher than it's intended to be, but I'm going to
have to leave it now - I guess we'll have to agree to disagree, and
"fight it out in the marketplace".
Again, I think you're missing something here. SPF will enable valid mail
which
is currently being silently bounced to be either accepted completely, or
alternatively rejected in such a way that the sender will be notified.
You're assuming that people read bounces. I don't make that assumption
because I've seen it disproven too many times.
I'm not assuming that; it is however preferable to send a bounce to the
sender if possible (as opposed to just dropping it). I'm well aware that
lots of people don't read bounces, but some do.
words which were in the original, and as long as I make them look like I
typed them myself and they didn't come from a computer, the recipient
actually bothers to read them.
So true.
Cheers,
Nick