> bounce messages need to go to the author or the person
> responsible for posting the message.
>
While you're using my box I'm still responsible for what you
do with it.
Yes. But that is the difference between MTA validation versus author
validation. SPF conflates the two.
If the bounce address is used, it is because the destination address is
problematic. That is something that the rfc2822.author and/or rfc2822.sender
need to know. It is entirely irrelevant to the MTA operator. The latter is
typically a third-party, with no interest in bad destination addresses, nor
ability to do anything about them.
Who else should get the bounce ? Certainly not you(_at_)dcrocker,
bouncing to the (2)822 From is wrong. As you said in STD 11:
I cite the 2822.from because it is the 'virtual' 2822.sender, when
sender==from. The simple way to say this is that the bounce is set by the
2822.sender. Always. It has nothing at all to do with any of the intermediate
MTAs.
Maybe you use BATV, that works 100%. But you can't use it on
my box, I haven't implemented it.
The simple form of batv does not require implementation by anyone except the
administrative authority creating the original rfc2821.mailfrom.
d/
--
Dave Crocker
Brandenburg InternetWorking
+1.408.246.8253
dcrocker a t ...
www.brandenburg.com