Re: TECH OMISSION: Stronger checks against email forgery

[Tony Finch <dot@xxxxxxxx>]

On Tue, 7 Sep 2004, Yakov Shafranovich wrote:
> Tony Finch wrote:
> > On Fri, 27 Aug 2004, Jim Lyon wrote:
> >
> > > I continue to disagree.  There are too many scenarios where the bounce
> > > address is uncorrelated with the MTA that's delivering a message; this
> > > means that any scheme that attempts to reject mail based on those two
> > > inputs (bounce address and IP addr of sending MTA) will have too many
> > > false rejections.
> >
> > What makes the PRA different from the bounce address from this point of
> > view?
>
> The PRA algorithm tries to guess the most recent "Sender" for the message -
> i.e. the one that is being used for this SMTP hop. The bounce address on the
> other hand originates from the original hop and stays that way throughout
> multiple SMTP hops.

This is also true for the PRA, since no existing MTAs add Resent-From:
header fields when alias-forwarding.

Tony.
-- 
f.a.n.finch  <dot@xxxxxxxx>  http://dotat.at/
DOGGER: NORTHEAST 4 OR 5. FAIR. GOOD.