spf-discuss

Re: URGENT: Community Position on SenderID

2004-12-07 17:44:13
Hannah Schroeter wrote:

 [STD 10]
Obsoleted by RFC2821
^^^^^^^^^^^^^^^^^^^^
Yes, 2821 claims to obsolete 821.  But the official standard is
still 821.  I'm not yet sure how this "IETF standard process"
is supposed to work, maybe RfC 2821 is blocked in its progress
because it has some problems - like forgeries and forwarding.

With the "stalinistic" attitude of the IESG demonstrated by RfC
3710 chapter 4.3 and the unilateral termination of MARID I'm
too annoyed to find out more at the moment.  And I certainly
wouldn't want RfC 2821 as an Internet standard, so this point
is moot.

RFC2821 says:
   Historically, the <reverse-path> can contain more than
   just a mailbox, however, contemporary systems SHOULD NOT
   use source routing (see appendix C).

It also says in appendix C:

| servers MUST be prepared to receive and handle them as
| discussed in section 3.3 and F.2, clients SHOULD NOT
| transmit them
[...]
| When the list of hosts is present, it is a "reverse" source
| route and indicates that the mail was relayed through each
| host on the list (the first host in the list was the most
| recent relay).  This list is used as a source route to return
| non-delivery notices to the sender.

It's a mess.  Maybe the poor author had the same problems as
"we" (tinw), the just-forward-fraction pressing for "get rid
of this nonsense, it's stoneage UUCP pre-DNS", and another group
saying "but it could help against forgeries".

Let's just say that 2821 killed "reverse source routes" without
explicitly saying so.  And as a side-effect 2821 almost killed
SMTP, because SMTP does not work if the whole world is forced
to delete all bounces.

But then Meng inspired by RMX rescued SMTP with SPF, this is
of course only my private version of this fairy tale... ;-)

Seems there already exist sites that reject SPF fail

Good, that's the essential idea.  From there anything works as
designed.

Ya know, not all mail users are also MTA admins/developers.

If you're hit by 1000 bogus bounces / challenges / vacation
mails per day - in addition to the ordinary spam - and equipped
with a modem, then you're willing to learn these things fast.

Lazy users might try to get a bigger mailbox and DSL first, and
maybe they disable the catch-all for their vanity domains, but
whatever they do, sooner or later they either give up on SMTP
or look for real solutions.
                            Bye, Frank
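
Added example, not part of the original message: a sketch of a receiver that accepts the "reverse source route" syntax quoted from appendix C but uses only the mailbox as the bounce address. The function names and the simplified domain and local-part grammar (no quoted strings or address literals) are assumptions of this example.

```python
import re

# Simplified domain: dot-separated labels of letters, digits and hyphens.
_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?"
_DOMAIN = _LABEL + r"(?:\." + _LABEL + r")*"

# Path = "<" [ A-d-l ":" ] Mailbox ">" with A-d-l = "@domain" *( ",@domain" )
_PATH = re.compile(
    r"<(?:(?P<adl>@" + _DOMAIN + r"(?:,@" + _DOMAIN + r")*):)?"
    r"(?P<local>[^\s<>@:,]+)@(?P<domain>" + _DOMAIN + r")>"
)


def parse_reverse_path(path):
    """Return (route_hosts, mailbox) for a MAIL FROM reverse-path.

    route_hosts keeps the order on the wire, so route_hosts[0] is the
    most recent relay. The null reverse-path "<>" yields ([], None).
    """
    if path == "<>":
        return [], None
    m = _PATH.fullmatch(path)
    if m is None:
        raise ValueError("not a valid reverse-path: %r" % path)
    adl = m.group("adl")
    route = [host[1:] for host in adl.split(",")] if adl else []
    return route, m.group("local") + "@" + m.group("domain")


def bounce_target(path):
    """Mailbox for a non-delivery notice, with any source route dropped.

    None means the message carried the null reverse-path and must not
    be bounced.
    """
    return parse_reverse_path(path)[1]


if __name__ == "__main__":
    # Constructed sample paths, not taken from real traffic.
    for sample in ("<@relay2.example,@relay1.example:user@origin.example>",
                   "<user@origin.example>", "<>"):
        print(sample, "->", parse_reverse_path(sample))
```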