On Wed, 25 May 2005, John Glube wrote:
Don't compound the design errors by mixing apples and
oranges. The HELO and SMTP MAIL FROM serve different
purposes. As I understand it, the HELO address identifies
the server making contact. The SMTP MAIL FROM address is
the address to which delivery status notices are sent. Each
identity serves a different purpose.
For this reason, each identity deserves its own design
approach, which requires a separate protocol so allowing
focused effort being placed on the problems and
difficulties surrounding the use of that identity for the
purpose of email authentication, given the complexity of
the email infrastructure.
While I agree that each identity deserves its own document describing
how it should be authorized, I have not seen enough evidence to indicate
that new/different protocol would be beneficial for those purposes over
using existing protocol in specific records that indicate use for certain
identity.
In general design that is more general framework is more likely to have
wider support then very limited and specific design. That is why we use
XML, that is why we use X.509, etc. In fact SMTP has this as well since
we have multiple protocols based on it, i.e. LMTP, SUBMIT, ODMR, etc.
Having SPF become general protocol that is usefull for large set of
mail policy assertions is good over it being specific only to MAILFROM.
For specific identities, special profiles can be described in BCP-like
documents that would say which operators and modifies should and should
not be used for specific identities.
--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net