mailing list archives
Re: Fun new policy at AOL
From: Jack Bates <jbates () brightok net>
Date: Fri, 29 Aug 2003 16:07:20 -0500
JC Dill wrote:
Either the webmail solution meets your needs, or you need to obtain
service from a company that offers a solution that meets your needs.
Why is this so hard to understand?
Or people implement a protocol that doesn't break existing uses of the
system (let's not forget the issues with many mailing-lists and .forward
Personally, I like the idea of verifying that an IP address that is
sending mail is allowed to send mail according to domain X, which is
either verified by the mail from rhs or by the (he|eh)lo parameter. One
or the other should be able to be verified; mail from rhs when at the
home network and (he|eh)lo parameter at remote sites. Checking the MX
records for each would make a good portion of the current mail servers
compliant (except those with seperate outbound/inbound servers) and
having a different tag (txt, new DNS record, special dns tag like
outmail.fqdn) would allow outbound only servers to quickly meet compliance.
It's quicker and more simplistic than any proposal I've read. It doesn't
break anonymous forwarding or sending mail through other provider's smtp
servers. What it does do is verify that someone is responsible for that
mail connection and that someone is domain X without arguement.
I don't care if envelopes appear to be forged. It's done regularly in
production. What I do care about is being able to say that someone is
responsible for the email. If domain X said that a server can send mail
outbound and it's not the mail I wanted, holder of domain X is liable
and lawyers can do the dirty work they are paid for. Or at a minimum, I
can block domain X and not feel bad about it.
RE: Fun new policy at AOL Drew Weaver (Aug 29)