Re: recent spam to this list
On Mon, Oct 13, 2003 at 02:47:44PM +0200, Julian Mehnle wrote:
> Andreas Metzler wrote:
>> Julian Mehnle <firstname.lastname@example.org> wrote:
>>> Andreas Metzler wrote:
>>>> If I send an e-mail over mail.nusrf.at with envelope-from
>>>> email@example.com I am _not_ forging anything or making
>>>> "unauthorized use of domains"
>>> Yes, you are. The envelope-from address is not a reply-to address,
>>> it's a sender address. If you are sending from mail.nusrf.at, you
>>> are not sending from logic.univie.ac.at. So you should not specify
>>> <firstname.lastname@example.org> as the envelope-from address, or you'd
>>> be forging it.
>> No, I am just specifying where I want bounces to go to.
>> MAIL FROM:<reverse-path> [SP <mail-parameters> ] <CRLF>
>> This command tells the SMTP-receiver that a new mail transaction is
>> starting and to reset all its state tables and buffers, including any
>> recipients or mail data. The <reverse-path> portion of the first or
>> only argument contains the source mailbox (between "<" and ">"
>> brackets), which can be used to report errors.
> There you have it. It's the "source mailbox", and while it can be
> used to report errors, it can *not only* be used to report errors.
> I'm relieved that the RFC doesn't contradict my common sense
> understanding of a "sender address".
I does not confirm it.
There is no such thing as "the domain part of the <reverse-path>
should/has to/must be identical to the domain name of the machine the
mail was written on originally", it just states that <reverse-path>
can be used to report errors to.