spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [spf-discuss] Re: Fw: SRS vs BATV

2006-02-16 21:35:06
from [Mark Shewmaker] [Permanent Link] 
On Thu, Feb 16, 2006 at 08:06:26PM -0800, william(at)elan.net wrote:


I'm going to summarize what you just wrote,


Thank you.  I like your summary, though I worry about body header
verification.

It's something that's been bugging me in this thread, and unfortunately
it rather confuses the issue a bit as far as how you can reliably know
when you should be able to verify non-bounce addresses:

Just an address might be valid for 2821 MAIL FROM but not for 2822
body-header From, and vice versa--and folks wanting to use SES/BATV/VERP
type schemes find a use for that difference in what's valid where--I'm
wondering if what shows up as, say, a PRA (or Reply-To:) should always
be considered valid for a non-bounce RCPT TO:.

For instance, given a 2821 SUBMITTER, 2822 Reply-To:, 2822-ish/SenderID
PRA...should any of those things really in particular be assummed to
have to be valid arguments of a RCPT-TO: for non-bounce messages?  (And
are there good hard and fast rules you can use to figure out what REALLY
should pass non-bounce tests?)

For instance, if you have a message with a particular address
2821-SUBMITTER'ing the mail, where that address is the same as the PRA,
but there is a different Reply-To: address--is it okay if the SUBMITTER
address accepts neither bounces nor non-bounces, but the Reply-To takes
non-bounces?  Does that answer change if the messages has been PRA-style
forwarded multiple times--after the domains in the original email
(including the Reply-To: domain) have expired?

I'm worried that there are likely all sorts of odd corner cases that can
make this sort of body-header-address-verification tricky and
error-prone.

However, at least the answers for MAIL FROM addresses are much simpler.
:-)

-- 
Mark Shewmaker
mark(_at_)primefactor(_dot_)com

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [spf-discuss] Re: Fw: SRS vs BATV, Stuart D. Gathman
Next by Date:  Re: [spf-discuss] Re: Fw: SRS vs BATV, Mark Shewmaker
Previous by Thread:  Re: [spf-discuss] Re: Fw: SRS vs BATV, william(at)elan.net
Next by Thread:  Re: [spf-discuss] Re: Fw: SRS vs BATV, no direct replies
Indexes:  [Date] [Thread] [Top] [All Lists]