Fun new policy at AOL
Jack Bates
jbates at brightok.net
Fri Aug 29 21:07:20 UTC 2003
JC Dill wrote:
>
> Either the webmail solution meets your needs, or you need to obtain
> service from a company that offers a solution that meets your needs.
> Why is this so hard to understand?
>
Or people implement a protocol that doesn't break existing uses of the
system (let's not forget the issues with many mailing-lists and .forward
files).

Personally, I like the idea of verifying that an IP address that is
sending mail is allowed to send mail according to domain X, which is
either verified by the mail from rhs or by the (he|eh)lo parameter. One
or the other should be able to be verified; mail from rhs when at the
home network and (he|eh)lo parameter at remote sites. Checking the MX
records for each would make a good portion of the current mail servers
compliant (except those with separate outbound/inbound servers) and
having a different tag (txt, new DNS record, special dns tag like
outmail.fqdn) would allow outbound only servers to quickly meet compliance.

It's quicker and more simplistic than any proposal I've read. It doesn't
break anonymous forwarding or sending mail through other providers' smtp
servers. What it does do is verify that someone is responsible for that
mail connection and that someone is domain X without argument.

I don't care if envelopes appear to be forged. It's done regularly in
production. What I do care about is being able to say that someone is
responsible for the email. If domain X said that a server can send mail
outbound and it's not the mail I wanted, holder of domain X is liable
and lawyers can do the dirty work they are paid for. Or at a minimum, I
can block domain X and not feel bad about it.
-Jack
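
The check proposed in the message above, sketched as an added example that is not part of the original post: a receiving server asks whether the connecting IP is vouched for by the MAIL FROM right-hand side or by the HELO/EHLO parameter, using MX records plus an `outmail.<domain>` tag. The DNS table, function names and the treatment of the HELO parameter as a bare domain are assumptions, with constructed data standing in for live lookups.

```python
import ipaddress

# Constructed DNS data (documentation names and addresses), not real records.
DNS = {
    ("example.org", "MX"): ["mx1.example.org"],
    ("mx1.example.org", "A"): ["192.0.2.10"],
    ("outmail.example.org", "A"): ["192.0.2.25"],  # outbound-only server
    ("example.net", "MX"): ["mail.example.net"],
    ("mail.example.net", "A"): ["198.51.100.5"],
}

def lookup(name, rtype):
    """Hypothetical resolver stub: answers only from the table above."""
    return DNS.get((name.lower().rstrip("."), rtype), [])

def authorized_ips(domain):
    """IPs a domain vouches for: its MX hosts plus the outmail.<domain> tag."""
    ips = set()
    for mx in lookup(domain, "MX"):
        ips.update(lookup(mx, "A"))
    ips.update(lookup("outmail." + domain, "A"))
    return {ipaddress.ip_address(ip) for ip in ips}

def responsible_domain(client_ip, mail_from, helo):
    """Return (domain, source) vouching for client_ip, or None if nobody does."""
    ip = ipaddress.ip_address(client_ip)
    # A null sender ("<>") has no right-hand side, so only HELO can vouch.
    rhs = mail_from.rpartition("@")[2].strip("<>") if "@" in mail_from else ""
    for source, domain in (("mail-from", rhs), ("helo", helo)):
        if domain and ip in authorized_ips(domain):
            return domain.lower(), source
    return None

if __name__ == "__main__":
    # Home network: the envelope sender's own MX host connects.
    print(responsible_domain("192.0.2.10", "<alice@example.org>", "example.org"))
    # Remote site: example.org user relays through example.net's server.
    print(responsible_domain("198.51.100.5", "alice@example.org", "example.net"))
    # No domain vouches for this address.
    print(responsible_domain("203.0.113.9", "alice@example.org", "example.net"))
```

The envelope sender is never rejected for mismatching the connecting host; the result only names which domain, if any, has accepted responsibility for the connection.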