On Fri, 2007-02-23 at 10:01 +0000, Ian Eiloart wrote: > That seems like a good summary of the situation. It's probably worth adding > that, in an ideal world, (A) no site would accept unauthenticated email > "from" its own domain. Furthermore, (B) no site would accept email from > another domain, where the IP address of the sender wasn't advertised as a > legitimate source. In that world, domain owners could be held responsible > for email sent "from" their domains.
I'd probably be inclined to agree with that -- but it's worth noting that this 'ideal world' of which you speak bears no relation to email as we know it, and in particular to SMTP. We _do_ expect to see unauthenticated email "from" our own addresses, the way the world works today. -- dwmw2 -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
