spf-discuss

Re: New ideas for RFC2822 headers checking with SPF

2004-10-21 08:50:25
Seth Goodman wrote:

> The more we can reject during SMTP, the more the original
> assumptions behind SMTP can be trusted.

Okay, but please make sure that this is only an option.  If a
mailer treats anything between DATA and "dot" as unidentified
garbage and adds only his time stamp (Received:), then that's
not "wrong".

> Very good idea, William!  This beats the heck out of PRA, and
> I'm delighted to see it.

Indeed.  The "Sender-ID" fans had enough chances to fix their
algorithm using the Return-Path, but they ignored it.  What
William did is essentially an opt-in solution for those who
really need and want it.

> I'm pretty confident this is free and clear of Microsoft's
> IP.

My copy of STD 11 says "David H. Crocker", August 1982.  They
didn't invent this "Standard for ARPA Internet text messages",

> the situations where people can't send mail with the same
> 2821 and 2822 identities are becoming less and less common.

Here I strongly disagree, but it's no problem, because it's an
opt-in idea.

> Mailing lists are already compliant.

No, some use Errors-To.

> Both the traveling salesman and vanity domain problems can be
> solved through the use of SMTP AUTH.

Is that RfC 2476 "MAY add Sender" ?  Then I know one MSA which
enforces submission rights, but does _not_ manipulate the DATA.
That might be even illegal and / or a privacy issue (IANAL).

> If not having the two identities match resulted in some mail
> not getting delivered, this would produce the necessary
> "encouragement" for providers to implement SMTP AUTH

"MAY add Sender" and "enforce submission rights" are _options_
in RfC 2476.  Authentication alone is not good enough.  With
"enforced submission rights" you get a valid MAIL FROM for SPF.

With "MAY add Sender" you get William's "equivalent header",
and maybe some discussions with privacy officers.  And this
"equivalent header" (= Sender) is technically redundant, which
is not exactly any "encouragement".

But companies hit by phishing attempts will of course love it.
And they won't be disappointed if this breaks posting to some
moderated newsgroups.  But William's proposal is _not_ suited
for average users.  It's for those who desperately want it.

                         Bye, Frank