On Sun, Mar 21, 2004 at 02:40:13PM +0100, Giuliano Gavazzi wrote:
> At 9:55 am +0000 2004/03/21, David Woodhouse wrote:
> >they did not send, the page at http://www.infradead.org/rpr.html has an
> >example of how to do that _without_ needing to change the way the world
> >works. Basically you do rewriting only on your _own_ outgoing addresses,
> >so the 'raw' address (e.g. dwmw2@???) is never used in valid
> >MAIL FROM:. Then you can reject bounces to that address -- and anyone
> >doing sender verification callouts will hence also reject faked mail
> >_from_ that address.
>
>
> this, I think, is even a worse method than SPF as it breaks those
> mechanisms that rely on the envelope address.
I think you've mis-understood the principles behind dwmw2's method.
Where do you think the breakage occurs?
The rewritten envelope addresses remain valid addresses, in much the
same way as a VERP-encoded sender address remains a valid address.
For example, a VERP-encoded sender address looks like this:
mailinglist-bounces+foo=bar.com@???
and is a valid sender address. If mailinglisthost.com always sends
out mail encoded using VERP, it knows that the non-VERP address
(mailinglist-bounces@???) will never be used, so
can prevent bounces to that address.
In both cases, however, only the sender host knows if the local part
is valid. In the VERP case, the sender host knows that the address
in the above example was sent out for "mailinglist", and was sent to
foo@???.
There's very little difference between VERP and what dwmw2 is doing.
--
Russell King
Linux kernel 2.6 ARM Linux - http://www.arm.linux.org.uk/
maintainer of: 2.6 PCMCIA - http://pcmcia.arm.linux.org.uk/
2.6 Serial core