[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MUA support for multiple from addresses

To: Alessandro Vesely <vesely@xxxxxxx>, SMTP Interest Group <ietf-smtp@xxxxxxx>
Subject: Re: MUA support for multiple from addresses
From: Randall Gellens <randy@xxxxxxxxxxxx>
Date: Wed, 29 Feb 2012 11:05:10 -0800
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=qualcomm.com; i=randy@xxxxxxxxxxxx; q=dns/txt; s=qcdkim; t=1330542656; x=1362078656; h=message-id:in-reply-to:references:x-mailer:date:to:from: subject:mime-version:content-type:x-random-sig-tag: x-originating-ip; z=Message-ID:=20<p06240606cb7426b2da10@xxxxxxxxxxxxxxxx> |In-Reply-To:=20<4F4CF06F.9080606@xxxxxxx>|References:=20 <CAK6vND8a12YTvT3USVwyLGrZFJ8CZohGKJ+khXmTHh5YVDpukw@mail .gmail.com>=0D=0A=20<0C362250-14EA-40E8-A3DC-81D29E5D15C7 @blighty.com>=0D=0A=20<01OCHPFYK9HA00ZUIL@mauve.mrochek.c om>=0D=0A=20<4F4CC2FB.4070206@xxxxxxxxxxxxxxxxxxx>=20<4F4 CF06F.9080606@xxxxxxx>|X-Mailer:=20Eudora=20for=20Mac=20O S=20X|Date:=20Wed,=2029=20Feb=202012=2011:05:10=20-0800 |To:=20Alessandro=20Vesely=20<vesely@xxxxxxx>,=20SMTP=20I nterest=20Group=0D=0A=09<ietf-smtp@xxxxxxx>|From:=20Randa ll=20Gellens=20<randy@xxxxxxxxxxxx>|Subject:=20Re:=20MUA =20support=20for=20multiple=20from=20addresses |MIME-Version:=201.0|Content-Type:=20text/plain=3B=20char set=3D"us-ascii"=3B=20format=3Dflowed|X-Random-Sig-Tag: =201.0b28|X-Originating-IP:=20[172.30.48.1]; bh=c+s1MhtJbQ31e17eNH9l+9BBciooR2PRyXJaRov1uUo=; b=wCyXxoXfNlt6i6RlqLQxEE9ltRbTRMLUaJIsEwFRJV0Ww96Vx4WxHraW ZpWqim687URuVdgf/yL6SQnwcEb2H+7ngXPKmPvpV0ZBDLfzyqYnHxsF3 wCnUs537ahL6XPap1SBkRZfkCceIVWDyyaoQOqt9hL+QzVmDIsHVsHbMv M=;
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-smtp/mail-archive/>
List-id: <ietf-smtp.imc.org>
List-unsubscribe: <mailto:ietf-smtp-request@imc.org?body=unsubscribe>
References: <> <> <> <> <>
Sender: owner-ietf-smtp@xxxxxxxxxxxx


At 4:19 PM +0100 2/28/12, Alessandro Vesely wrote:

 On 28/Feb/12 13:05, Arnt Gulbrandsen wrote:


 3. We'll restrict From and the smtp sender addresses to ones
 explicitly connected to the SASL/Submit user.


 IMHO, forcing the login ID to match any world-readable outgoing header
 field is not a tremendous security improvement.  Most MUAs allow to
 configure From: with whatever (unverified) address.

This is my concern as well. I often set the 'From' header field to aone-off or a user-detail or even someone else's address (when usingEudora redirect). As long as I'm authenticated to the submit server,and the message can be tracked back to me in case I abused it, what Iput in the 'From' header field shouldn't matter.


--
Randall Gellens
Opinions are personal;    facts are suspect;    I speak for myself only
-------------- Randomly selected tag: ---------------
Some days you feel like Schrodinger's cat.   --M. S. Hutchenreuther

References:
- MUA support for multiple from addresses
  - From: Peter Bowen
- Re: MUA support for multiple from addresses
  - From: Steve Atkins
- Re: MUA support for multiple from addresses
  - From: ned+ietf-smtp
- Re: MUA support for multiple from addresses
  - From: Arnt Gulbrandsen
- Re: MUA support for multiple from addresses
  - From: Alessandro Vesely

Prev by Date: Re: "proper" handling of BCC
Previous by thread: Re: MUA support for multiple from addresses
Next by thread: Re: MUA support for multiple from addresses
Index(es):
- Date
- Thread