Re: recent spam to this list
Julian Mehnle writes:
> Don't you agree on my understanding of a sender address (or source
> mailbox) being the address (or source mailbox) the sender sends
> from? If so, please state it explicitly, so I have something I can
> argue against. :-)
Mail is not sent from any particular address at all; it is sent by a
person or program. It is delivered to one or more addresses. The
From: address and SMTP and envelope sender addresses are for human
understanding and status reporting.
Forgery generally means to create written authorization that shows
false provenance. A user who indicates status messages should go to
his own address is not forging that address, even if it is not an
obvious address given the user's hostname.
It probably is useful to perform checks on those addresses, to verify
that the administrator of the domain allows the sender to claim an
identity under the domain. If such an authorization check fails,
forgery is just one possible explanation.