-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of David
MacQuigg
Sent: zaterdag 26 februari 2005 17:19
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: RE: [spf-discuss] Email Forwarder's Protocol ( EFP )
RFC 2821 formally defines Return-Path as follows:
Return-Path-line = "Return-Path:" FWS Reverse-path <CRLF>
It is associated with the MAIL FROM entity:
When the delivery SMTP server makes the "final delivery" of a
message, it inserts a Return-Path line at the beginning of the mail
data. (...) The Return-Path line preserves the information in the
<reverse-path> from the MAIL command.
As I understand it, the Return-Path is set by the original
sender of a message, and is supposed to be preserved by all relays
along the path to the final recipient.
If the Return-Path were always the original address of the sender, then it
would effectively be the same as the RFC 2822 From: entity. Return-Path,
as said, is associated with the envelope-from; and, as such, can change;
RFC 2821 even anticipates such changes:
It is possible for the mailbox in the return path to be different
from the actual sender's mailbox, for example, if error responses are
to be delivered to a special error handling mailbox rather than to
the message sender. When mailing lists are involved, this
arrangement is common and useful as a means of directing errors to
the list maintainer rather than the message originator.
And this, of course, is why it is so important people use the reverse-path
on bounces. Consequently, when people do SRS, especially forwarders, you
should expect to see, and use, the SRS0[01] signed address in the
Return-Path (or whatever other header holds the true reverse-path,
associated with the MAIL FROM entity).
At the very least, we should be able to
rely on the IP address of the topmost header. From that
IP, we can find the owner's domain,
Can we? You can get a PTR from it; but there may be many A records which
resolve to that IP address. If you were to attempt this, which is
ill-advised, your best bet would probably be to try and match HELO (also
usually part of the Received: header) against the IP address, and use that
for domain if it matches.
and send the bounce to
the postmaster at that domain.
Let's don't, and say we did. ;) Heck, let's not even say we did. For one,
as said, because you may be sending to the wrong domain; and, for two, and
probably even more pressing, you really should be using the indicated
reverse-path. I cannot stress the importance of this enough.
- Mark
System Administrator Asarian-host.org
---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx