william(at)elan.net wrote:
draft-leibzon-responsible-submitter-00.txt
Why is sp2.0/submit better than spf2.0/helo + white list ?
IMHO you can't replace the trust between forwarder (= MX
of receiver) and a 3rd party (= MX of next destination)
by a technical solution, that's something that has to be
arranged by the receiver - after all he knows why he
wants to forward his mail from A to B, and that doesn't
work with my MAIL FROM if B checks my sender policy.
But as soon as it has been arranged all B needs to know
is that A is really A (spf2.0/helo), and therefore it
can ignore the FAIL for spf2.0/mfrom. Of course A can
also use other methods like rewriting or 551. Resp. B
could use trusted-forwader.org.
Why do they need another scope and SUBMITTER ? And
how is this supposed to work against a malicious A ?
Bye, Frank