RE: [spf-discuss] Misuse of Return Address
2006-12-06 14:39:20
At 05:11 PM 12/5/2006 -0500, Stuart D. Gathman wrote:
On Tue, 5 Dec 2006, Seth Goodman wrote:
> The second way for box67.com to get the desired functionality is to
> provide SMTP AUTH services over port 587. If the network at Raytheon
> permits this, users inside the network connects with the box67.com MSA
> over port 587 and gives it their login credentials in order to submit a
> message. Since mail submissions over port 587 require login, most
> networks don't bother to block outgoing connections, but they might.
> For cases where the foreign network allows this, it is preferable
> because you don't have to list the foreign MTA's in your SPF record and
> there is no risk of the foreign domain forging your return-path.
Yes, this is the only sane way to do what he wants. Since these are
fixed email clients (which wasn't clear on my first answer), they
can be configured to do so.
Box67.com is a recipient's forwarding service. It does not provide SMTP
AUTH, outgoing mail, mailstorage, POP accounts, webmail, or any of the
other features offered by a full-service ESP (email service provider) or a
typical company mail server. Box67.com has one purpose, and that is to
provide individual users with a permanent address and open-source access to
the best authentication/reputation systems on the planet. Box67.com may
add other services later, but for now it must stay focused on its primary goal.
Even if we add outgoing mail services we will still have a problem trying
to force changes on the world. Our recipients do not want to change their
email programs, their ESPs, or anything about the way they do business. It
is even a bit much for them to deal with our subject-line tagging - [],
[*], [**], [**spam**}. As one of our first beta testers put it - "Just get
rid of the spam, and spare me the details."
The one big thing we must ask our recipients to do is change their
Reply-To/Return address. For now, that is the only way they can use our
authentication/reputation system. That will change soon, however, when we
have a package they can have their admins download and install on their own
mailserver. Then they can have their own strict SPF record, and box67.com
is not involved.
We don't want to encourage misuse of the Return Address, but we have to
accept it because we cannot expect our clients to change their email
programs. I would join with the leaders of the SPF community in
petitioning Eudora and perhaps others to change what appears to be a
simple, obvious problem, but I can't insist that our clients bear the
expense or inconvenience. They will simply bow out.
-- Dave
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?list_id=735
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- RE: [spf-discuss] Useful SPF results, (continued)
- RE: [spf-discuss] Useful SPF results, Stuart D. Gathman
- Re: [spf-discuss] Useful SPF results, Meng Weng Wong
- Re: [spf-discuss] Useful SPF results, Stuart D. Gathman
- RE: [spf-discuss] Useful SPF results, Seth Goodman
- Re: [spf-discuss] Useful SPF results, David MacQuigg
- Re: [spf-discuss] Useful SPF results, william(at)elan.net
- Re: [spf-discuss] Useful SPF results, Stuart D. Gathman
- Re: [spf-discuss] Useful SPF results, David MacQuigg
- RE: [spf-discuss] Useful SPF results, Seth Goodman
- RE: [spf-discuss] Useful SPF results, Stuart D. Gathman
- RE: [spf-discuss] Misuse of Return Address,
David MacQuigg <=
- Re: [spf-discuss] Misuse of Return Address, Scott Kitterman
- Re: [spf-discuss] Misuse of Return Address by MUA's, David MacQuigg
- RE: [spf-discuss] Misuse of Return Address by MUA's, Seth Goodman
- RE: [spf-discuss] Misuse of Return Address by MUA's, David MacQuigg
- Re: [spf-discuss] Misuse of Return Address by MUA's, Scott Kitterman
- RE: [spf-discuss] Misuse of Return Address, Stuart D. Gathman
- RE: [spf-discuss] Misuse of Return Address, Seth Goodman
- RE: [spf-discuss] Misuse of Return Address, David MacQuigg
- RE: [spf-discuss] Misuse of Return Address, Jason LEWIS
- RE: [spf-discuss] Misuse of Return Address, Seth Goodman
|
|
|