I've been thinking about this some more and I think this TENBOX/E idea is a
half-measure that won't get the job done.
Fundamentally, in an environment where untargeted backscatter is not
acceptable, the only place that any accept reject decisions can be made is at
the transition point from the sender's trust network to the receiver's trust
network. This is the same thing I've said about SPF checking before as a
general point.
The key issue is that the traditional forwarder is an agent of the reciever
and not the sender. Once the forwarder forwards it's an internal matter for
the reciever and they have an obligation to get it right. This means one of
two things:
1. Forwarder puts in a new Mail From (I'm thinking more like a mailing list
does than SRS, but SRS for SPF Pass would work too) and treats the forwarding
action much like a new mail transaction (as mailing lists do). With the
exception of relaying bounces back to SPF Pass senders via SRS, it's really
between the forwarder and the reciever at this point. It's no different than
a border MTA accepts mail and then has to deal with internal delivery
problems.
2. Reciever doesn't bounce from known forwarders.
I'm not sure what the reciever's incentive is for #2. Unless forwarders
figure out how to live in a no backscatter world, I think they'll go the way
of finger and gopher.
Scott K
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735