On Fri, 2005-07-08 at 14:52 +0200, Julian Mehnle wrote:
Forwarding without sender rewriting is a bad thing because it cannot be
distinguished from regular envelope sender forgery.
This is not true in the general case, but if SPF is your _only_ method
of detecting forgery, then it is indeed true.
This is the 'technical incompatibility' of which I spoke, and which I
haven't disputed -- we _agree_ on that point. I'm not sure it's me who
isn't listening -- you're arguing the point I'd already conceded.
However, some seem to have stated that forwarding was somehow 'wrong'
for reasons _other_ than the limitations of SPF. That it was a bad thing
even _before_ SPF was invented. It was _that_ which I do not understand,
and was asking someone to explain.
If forgers can evade responsibility by just claiming to be
forwarders, then the forgery problem cannot be solved.
[ ...except by abolishing forwarding in its current form ]
I agree with that logic.
Since the envelope sender forgery problem is real, we want it to be solved.
I agree with this logic too.
Because we are consequential, we are willing to declare forwarding without
sender rewriting a broken legacy feature. We'll see who agrees with that.
This is also reasonable. I agree with all your logic. But I don't agree
with your conclusion. Although all the _logic_ is OK, the initial
statement was false.
Forwarding without sender rewriting _can_ be distinguished from regular
envelope forgery; it's just that _SPF_ cannot achieve that task.
However, BATV/SES and DKIM _can_ tell forgery from forwarded mail.
You can see it in action if you like. Try forging a mail from me to
anywhere that bothers with SMTP callouts. Then set up a forwarding
address which points at that same recipient, and ask me to send a
genuine mail. Watch the first get rejected, and the second succeed.
--
dwmw2