nobody at xyzzy
Mar 4, 2008, 11:04 AM
Post #19 of 21
Don Lee wrote:
> It's dead. I'll file it appropritately.
+1 It's still possible to create a similar SMTP extension
with another name for slightly different purposes. On the
DKIM list Hector proposed a kind of SSP-accelerator using
the "submitter" idea. There was no much discussion because
SSP had more pressing problems than optional optimizations.
Some years ago William proposed a different "submitter" on
the former MARID list with a new spf2.0/submit identity, I
forgot the details, but folks here including Wayne and me
considered it as redundant wrt v=spf1 and its Mail From:
And recently there was a Tenbox proposal in this direction,
I'll try to look at it again when it hits IETF servers in
the form of an Internet Draft.
> Potentially, though, SUBMITTER could be checked instead of
> Mail from:. This presumes that each server in the chain is
> willing to take responsibility for the message, and does
> not handle end-to-end checking, but would at least provide
> a reliable one-hop solution for SPF checking that does not
> have "forwarding problems".
I very much doubt it. The mail architecture offers MAIL FROM
to report problems and indicate responsibility, tons of RFCs
down to "mail disposition notifications", "sieve vacation",
"delivery status notifications", etc. all rely on no nonsense
MAIL FROM envelope sender addresses. And SPF PASS + FAIL is
the only way to get this today, after RFC 821 was mutilated
by RFC 1123 5.3.6(a) 19 year ago, and the spammers figured it
out about seven years ago. The concept of "forwarding" as it
was known before RFC 1123 5.3.6(a) does not work any more,
"forwarding" is now a part of the problem, like open relays.
Sender Policy Framework: http://www.openspf.org
RSS Feed: http://www.listbox.com/member/archive/rss/735/
Modify Your Subscription: http://www.listbox.com/member/?member_id=1311532&id_secret=95897010-3d7186
Powered by Listbox: http://www.listbox.com