On 2003.08.27, russm <[EMAIL PROTECTED]> wrote: > That would break a lot of things, I reckon...
Yes! SMTP is fundamentally broken, and that's why it's so easy to send spam in a way that's hard to track down and easy to forge. This is NOT a feature -- being able to send forged email -- it is a FLAW in the SMTP design. What I suggested is a easily implementable fix to the design. > When I'm at home all outbound mail is relayed through my providers mail > servers, but they certainly don't provide backup MX for my employer - > you'd see mail from mail.optusnet.net.au which is not in the MX list > for icorp.com.au... And why aren't you relaying mail through one of icorp.com.au's MX'es? They won't allow your IP to relay through them? Not even with something like POP-before-SMTP auth or S/SMTP with SSL client certificate auth or some other mechanism? Novel idea: when you're at home, why not send mail from an email address valid from your home machine through a mailhost that the address is valid for, and use the Reply-To: header in the mail if you want responses to go back to your work address? Why do you need to forge the outgoing From: address? Do you need to hide the fact that you're sending the email from home? -- Dossy -- Dossy Shiobara mail: [EMAIL PROTECTED] Panoptic Computer Network web: http://www.panoptic.com/ "He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on." (p. 70) -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]> with the body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of your email blank.
