spf-discuss

Re: Re: RFC 2821 and responsibility for forwarding

2004-12-07 11:42:30
On Tue, 2004-12-07 at 11:41 -0600, Daniel Taylor wrote:
> In the process you have also pointed out why SRS, RSR, and pretty much
> every other header-based attempt at fixing the "forwarding problem"
> is broken. Bringing back the bang-path just won't work when there
> are people out there determined to undermine the system.

Right. You can't use a hop-by-hop solution and _pretend_ it gives you
true end-to-end authentication. You need to actually use a scheme which
was designed to work end-to-end in transit through the mail system. A
scheme based on IP addresses is not sufficient.

> The only really effective way I can see to deal with this is for
> each forwarding step to take responsibility for and keep track of
> forwarded messages so that the path can be cascaded back in the
> event of a failure. This is unspoofable, and would reduce the amount
> of traffic from bogus bounces.

That's basically what SRS attempts to do, surely? I'm not sure what you
envisage in the above paragraph which is materially different from SRS?

> CSV is somewhat of a latecomer here.
> If CSV doesn't accomplish anything more than SPF does, why even
> consider it?

Because it achieves as much as SPF does, but without the quixotic
attempt to change common forwarding practice.

If there are two solutions which offer the same benefits, but one is
compatible with existing practice and the other is not -- is it really
so hard to choose between them?


> Please note, however, that the vast majority of e-mail traffic
> is point-to-point (including in all cases the first hop of forwarded
> messages). Solving the point-to-point forgery problem does go a long
> way toward solving the general forgery problem.

Not really, for the same reason as having a whitelist doesn't go a long
way to giving you a blacklist. SPF allows you to determine which mail is
definitely _valid_. But it doesn't allow you to determine which mail is
definitely _invalid_. And it's the latter which is useful.

-- 
dwmw2
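The two points argued in this message, that a forwarding hop must take responsibility for the envelope sender (what SRS does) and that an SPF result can only tell you which mail is definitely valid, can be made concrete with a small evaluator. The following is an added illustration written for this archive page, not code from the thread or from any SPF or SRS implementation. It assumes a toy in-memory DNS with constructed records for `example.org` and `forwarder.example`, handles only `ip4` and `all` mechanisms, and stands in for the SRS hash and timestamp with fixed placeholder fields; the IP addresses are documentation ranges.

```python
import ipaddress

# Constructed SPF records standing in for DNS TXT lookups (not real domains' records).
SPF_RECORDS = {
    "example.org": "v=spf1 ip4:192.0.2.10 ip4:192.0.2.11 -all",
    "forwarder.example": "v=spf1 ip4:198.51.100.5 -all",
}

RESULT_FOR_QUALIFIER = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_check(envelope_from: str, client_ip: str) -> str:
    """Simplified SPF evaluation over the envelope sender's domain.

    Only ip4 mechanisms and the 'all' mechanism are understood; include,
    mx, a and macros are out of scope for this illustration (assumption).
    """
    domain = envelope_from.rsplit("@", 1)[-1]
    record = SPF_RECORDS.get(domain)
    if record is None:
        return "none"  # no policy published, nothing can be concluded
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:  # skip the 'v=spf1' version tag
        qualifier = "+"
        if term[0] in "+-~?":
            qualifier, term = term[0], term[1:]
        if term.startswith("ip4:"):
            matched = ip in ipaddress.ip_network(term[4:], strict=False)
        elif term == "all":
            matched = True
        else:
            continue  # unsupported mechanism, ignored in this toy
        if matched:
            return RESULT_FOR_QUALIFIER[qualifier]
    return "neutral"


def srs_rewrite(envelope_from: str, forwarder_domain: str) -> str:
    """Toy SRS0-style rewrite: the forwarder puts its own domain in the
    envelope sender so bounces route back through it. Real SRS inserts a
    keyed hash and a timestamp; 'HASH' and 'TT' are placeholders (assumption).
    """
    local, _, domain = envelope_from.rpartition("@")
    return f"SRS0=HASH=TT={domain}={local}@{forwarder_domain}"


def scenarios() -> dict:
    """Four deliveries of mail claiming to be from alice@example.org."""
    sender = "alice@example.org"
    forwarder_ip = "198.51.100.5"  # forwarder.example's outbound host
    return {
        # Point-to-point delivery from a listed host: the only strong signal.
        "direct": spf_check(sender, "192.0.2.10"),
        # Legitimate mail relayed by a forwarder that keeps the original envelope.
        "forwarded_no_srs": spf_check(sender, forwarder_ip),
        # Unrelated host using the same envelope sender.
        "unlisted_host": spf_check(sender, "203.0.113.7"),
        # The forwarder takes responsibility by rewriting the envelope sender.
        "forwarded_srs": spf_check(srs_rewrite(sender, "forwarder.example"), forwarder_ip),
    }


def fail_is_ambiguous(results: dict) -> bool:
    """True when a fail result cannot separate forwarded mail from a forgery."""
    return results["forwarded_no_srs"] == results["unlisted_host"] == "fail"


if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name:18s} {result}")
    print("fail is ambiguous:", fail_is_ambiguous(scenarios()))
```

The two `fail` rows are the point of the message above: without the forwarder rewriting the envelope, the forwarded legitimate message and the message from an unlisted host produce the identical result, so `fail` does not identify what is definitely invalid. Only `pass` carries a firm conclusion, and after the SRS rewrite it is the forwarder's own policy that produces it, which is the "take responsibility for forwarded messages" step under discussion.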

