"Monique Y. Herman" <[EMAIL PROTECTED]> writes: > why shouldn't auto-responders be using From?
Essentially because this is the sole purpose of Return-Path -- to provide an address suitable for machine generated messages. SMTP servers already use Return-Path for automated messages. Using Return-Path for auto-responses is also recommended by the IETF draft ``Recommendations for Automatic Responses to Electronic Mail''[1], and TMDA attempts to be standards-compliant. Section 4 of the draft discusses the pros and cons of using Return-Path, Sender, From, or Reply-To for this purpose. In summary: ``The Return-Path address is really the only one from the message header that can be expected, as a matter of protocol, to be suitable for automatic responses that were not anticipated by the sender.'' I'll note that TMDA used Return-Path long before this draft was written. > I'm guessing the answer is because the From header can be easily > spoofed ... Not really, as the envelope sender address can be easily spoofed as well (using `/usr/sbin/sendmail -f' for example). Footnotes: [1] http://www.ietf.org/internet-drafts/draft-moore-auto-email-response-03.txt _____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
