[Asrg] Re: Receiver Initiated Authentication
Peter Bowyer
peter at bowyer.org
Mon Sep 17 11:57:09 EDT 2007
On 17/09/2007, Michael Kaplan <michaelkaplanasrg at gmail.com> wrote:
>
>
> On 9/17/07, Frank Ellermann <nobody at xyzzy.claranet.de> wrote:
> > Michael Kaplan wrote:
> >
> > > The core of this concept is that questionable unauthenticated email
> > > will be bounced
> >
> > I hope you mean "rejected", unsolicited bounces are evil.
>
> Yes, in section 9 I summarize the Ironport data on the bounce problem, and
> it is a real problem.
> Sometimes legitimate email is unauthenticated; adopting a policy of
> absolutely never sending a bounce in response to an unauthenticated email
> will degrade the integrity of email. Banning all such bounces solves one
> problem and creates another.
Your use of 'Yes' in your answer to Frank was clearly in the sense of
'No'. Unsolicited bounces are evil, and you're still proposing to send
them. This is bad. Why are you not talking about SMTP-time rejections,
which are not evil and don't suffer the same issues?
Peter
--
Peter Bowyer
Email: peter at bowyer.org
More information about the Asrg
mailing list