Ian Eiloart wrote: > I think the reason that backscatter isn't subject to any RFC is that > the real problem is the lack of authentication and accountability for > return-paths in the original messages. Bouncing would be fine if you > know that the email really came from the owner of the return-path. > > That's what SPF and DKIM are intended to help with. There's friction in > their adoption because certain features of email (notably mail > forwarding, but also some others) have no regard for these features.
So far, so good. > Until no email service provider accepts message submissions outside of > their own domains, all email providers offer message submission on port > 587, all message submissions are autheticated, and mail forwarders > accept responsibility for the email that they forward, it's not safe to > bounce email. This, however, is simply untrue. Of course what you said is desirable, but SPF can help with safely bouncing e-mail _today_. SPF may sometimes give an unexpected "Fail" result due to alias-style forwarding or other problematic cases, but when it gives a "Pass" result, it is always safe, i.e., the return path can be assumed to be authentic and bounces may be sent.
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
