"Seth Goodman" <sethg(_at_)GoodmanAssociates(_dot_)com> writes:
I'm still confused about what you originally proposed. If I
understood you right, it was that a domain owner would be able to
forbid any relaying of their mail.
Yes, although I'd phrase it as "a (sub)domain owner would state that
they only send mail directly to recipients / never relay their outgoing
mail through a host not specified in the SPF record".
How can a domain owner know whether the addresses they send to are
end-user accounts or forwarding accounts? Let's say that AOL's user
set up a forwarding account, dignified-user(_at_)pobox(_dot_)com, that
forwards
to their home address flatus(_at_)bozoISP(_dot_)com, for obvious reasons.
It's the job of pobox.com to do the SPF check and the user should
configure their account to trust the SPF checks done by pobox.com and
not recheck them. If you can't trust your forwarding service, then
what's the point?
In this case, billing.aol.com sends a billing message to
dignified-user(_at_)pobox(_dot_)com, but pobox.com rejects the message because
billing.aol.com prohibits relaying. Poor Mr. Flatus never gets his
bill and AOL doesn't get their money. If I've misunderstood what you
are proposing, please correct me.
Why would pobox.com reject the message? It was sent directly to
pobox.com by billing.aol.com and that would be permitted.
Daniel
--
Daniel Quinlan
http://www.pathname.com/~quinlan/