[Asrg] Re: Yet another attempt to fix forwarding
Frank Ellermann
nobody at xyzzy.claranet.de
Wed Jan 30 15:41:48 EST 2008
Douglas Otis wrote:
> It seems rather ironic SPF's intended purpose was to direct
> culpability to the provider's customer (the email-address owner).
The "owners" of a reverse path are the hops adding info to it,
today in essence limited to the envelope sender address as
accepted by the MSA.
> In addition, schemes directing culpability toward provider's
> customers are in conflict with the general protection of personal
> privacy.
There is no such thing as "culpability" of senders in SPF. If
folks want it they can arrange for a working envelope sender
address based on their Message-ID or using BATV, but that has
nothing at all to do with privacy.
> Only the provider should be able to determine a message source,
> and therefore only the provider should be held responsible for
> controlling abuse.
The provider is not responsible for forgeries by third parties.
SPF only allows to identify plausible (PASS) or forged (FAIL)
envelope sender addresses for domains publishing an SPF policy.
Frank
More information about the Asrg
mailing list