> On Fri, 19 Jun 1998 10:06:06 -0400 (EDT), Dave C. wrote:
>
> >They could set the Reply-To field to anything they want and not be
> >penalized.
>
> Unless they want semi-anonimity
>
> >Setting the From field to their hotmail address, when they
> >were sending from somewhere other than hotmail would be forgery
> >regardless of the intent, and I would have no problem blocking such
> >mail (not that I have any immediate plans to bother doing so)
>
> No, it is not. It is a legitimate use. To me it is only a forgery
> when they to something to get around any blocks in place and foil the
> trace back to them. According to your definition someone who has a
> virtual domain, say, oh, rpglink.com, and is on their ISP, say, oh,
> calweb.com, if they send mail from rpglink.com through calweb.com it is
> forgery.
BUT if they are going to change the From: address, then they
should set the Sender: header to the actual address from which
it was sent. (IIRC the RFC talks in terms of people rather
than unique addresses; and gives the example of a secretary
sending mail on behalf of the boss. But it was also written
in the days when almost nobody had more than one address.)
Personally, I believe that in the current climate of rampant
SPAM with forged and often unreplyable addresses, nobody should
expect a message to be delivered if the apparent origin disagrees
too radicaly with the actual (envelope) address or with the domain
extracted from the Received: headers (after throwing out those
that appear to be forgeries.)
Getting back to the original question, or at least to the original
side issue, the envelope from address should be used to determine
whether the message is from Hotmail, and therefor whether to trigger
the forgery detection. It doesn't matter whether the From: header
says foo@??? if the envelope says it's from bar@???.
(Or, rather, that sort of discrepancy is the subject of a completely
different set of possible SPAM/forgery filtering rules which are not
specific to messages apparently from Hotmail. I would certainly
generate an X-Envelope-To: header at the minimum in this case.)
-Pat
--
*** Exim information can be found at
http://www.exim.org/ ***