Ian Eiloart writes: > I think the reason that backscatter isn't subject to any RFC is that the > real problem is the lack of authentication and accountability for > return-paths in the original messages. Bouncing would be fine if you know > that the email really came from the owner of the return-path. > > That's what SPF and DKIM are intended to help with.
Aha, good point. OK, then the draft standards/RFCs for those qualify as far as I'm concerned. Note, I didn't mean that there must be an RFC saying "no backscatter", although you could read my words that way (and I certainly do demand it before I will consider this a purely technical problem). That would make things easy, of course, but those drafts/RFCs will most likely contain rationale for why we would like to outright ban backscatter, but can't quite go so far yet. > There's friction in their adoption because certain features of > email (notably mail forwarding, but also some others) have no > regard for these features. By which you mean that SPF and DKIM in some configurations are as big a threat to Mailman as blacklisting for backscatter is, right? _______________________________________________ Mailman-Developers mailing list [email protected] http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
