Seth Goodman wrote:
Well, this hasn't gotten rid of SUBMITTER, which was one of your goals.
That wasn't one of my "goals". Read the subject. The point of my email was
using ENVID was to prevent the insertion of forged bounces if we use SUBMITTER.
Compare this to straight SES...
I'd love to do this comparison, except examining SES is like trying to nail
jello to a tree. It seems to have a different spec every day. Does it involve
CBV (callback verifier)? What is being signed? If just the originating address,
what prevents replays? Should it be done by the originating sender or the
forwarders? If the forwarders, how is it different from SRS?
I sure seem to see a lot of rah-rah postings about SES, but never any decent
specs or analysis. Consider something like this:
http://www.libsrs2.org/documentation.html
Michael R. Brumm