spf-discuss

Re: ENVID to prevent forged bounces with SUBMITTER?

2004-06-05 11:11:11
Stuart D. Gathman wrote:

  An excellent idea.  I would much rather see the RFCs modified to
  require ENVID passed back on RCPT than adding SUBMITTER.

The MTA at orig.com can now use the "Original-Envelope-ID:" to
determine whether the bounce is valid. Ideally, the ENVID would get
passed back on the DSN's RCPT command, but alas it does not. I
suppose if we are adding SUBMITTER to MAIL FROM, we could add ENVID
parameter to RCPT, like this:

EHLO third.com
MAIL FROM: <>
RCPT TO: <ann@orig.com> ENVID=yf09+Cw

If the orig.com has to go to DATA phase to get the
Original-Envelope-ID, then I hate the scheme.  But if ENVID were to
appear on RCPT TO, then that would make SES so much more attractive
for preventing forged bounces.

I concur. Unfortunately, if we have to change the SMTP protocol to
accomplish this, then we're exactly where we're at having to introduce
RFROM.

- Mark

        System Administrator Asarian-host.org

---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx
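
The RCPT-time check the thread is asking for, as an added sketch that is not part of the original message. ENVID on RCPT TO is the hypothetical extension proposed above, not standard SMTP; the tag format (hex day counter plus truncated HMAC), the key and the 7-day window are assumptions, not the SES specification.

```python
import hashlib
import hmac
import re

SECRET = b"constructed-demo-key"  # constructed; a real site would load its own secret
MAX_AGE_DAYS = 7                  # assumed window in which a bounce is still accepted

def make_envid(sender: str, day: int) -> str:
    """ENVID attached to outbound mail: '<day in hex>.<truncated HMAC>' (assumed format)."""
    msg = f"{sender.lower()}|{day:x}".encode()
    tag = hmac.new(SECRET, msg, hashlib.sha256).hexdigest()[:16]
    return f"{day:x}.{tag}"

RCPT_RE = re.compile(r"^RCPT TO:\s*<([^<>\s]+)>((?:\s+\S+)*)\s*$", re.I)

def parse_rcpt(line: str):
    """Split 'RCPT TO: <addr> KEY=VALUE ...' into (addr, {KEY: VALUE})."""
    m = RCPT_RE.match(line)
    if not m:
        return None
    params = {}
    for tok in m.group(2).split():
        key, _, value = tok.partition("=")
        params[key.upper()] = value
    return m.group(1), params

def check_bounce_rcpt(mail_from: str, rcpt_line: str, today: int) -> str:
    """SMTP reply for one RCPT command; forged bounces are refused before DATA."""
    parsed = parse_rcpt(rcpt_line)
    if parsed is None:
        return "501 syntax error"
    rcpt, params = parsed
    if mail_from != "":               # only the null sender (MAIL FROM: <>) is a bounce
        return "250 OK"
    envid = params.get("ENVID")
    if not envid:
        return "550 bounce without ENVID"
    try:
        day = int(envid.partition(".")[0], 16)
    except ValueError:
        return "550 malformed ENVID"
    if not 0 <= today - day <= MAX_AGE_DAYS:
        return "550 ENVID expired"
    # The bounce recipient is the original envelope sender, so re-derive its tag.
    expected = make_envid(rcpt, day)
    if not hmac.compare_digest(envid.encode(), expected.encode()):
        return "550 ENVID not issued here"
    return "250 OK"
```

Because the decision is made on the RCPT command, the receiving MTA never has to reach the DATA phase to read "Original-Envelope-ID:" from the DSN body.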