Re: recent spam to this list
Julian Mehnle wrote:
> Andreas Metzler wrote:
> > Julian Mehnle <firstname.lastname@example.org> wrote:
> > > It's about forging an e-mail sender's identity. By preventing
> > > the unauthorized use of domains as the sender domain of e-mails,
> > > most of the practiced cases of identity forgery are prevented.
> > > [...]
> > If I send an e-mail over mail.nusrf.at with envelope-from
> > email@example.com I am _not_ forging anything or making
> > "unauthorized use of domains"
> Yes, you are. The envelope-from address is not a reply-to address,
> it's a sender address. If you are sending from mail.nusrf.at, you
> are not sending from logic.univie.ac.at. So you should not specify
> <firstname.lastname@example.org> as the envelope-from address, or you'd
> be forging it.
OK, I think I've thought of a sort of a counter-example:
I have a private server, and an account there.
I have a friend with a private server, but I do NOT have an account on
that box. (Unlikely but possible; I can think of one real-world case
amongst people I know running private servers.)
While at a LAN party at that friend's place, I check my mail on my
server, and decide I want to reply to some of the messages.
Since we're both on semi-dynamic IPs (connected 24/7, but not formally
assigned static IP addresses), I haven't allowed SMTP relay from the IP
my friend's server is on, because I don't really know what it is
today/this week/this month. But his server allows relay mail from
machines on his private network, so I use his server as a relay for my
I'm sending "from" myfriendsdomain.com's server, but I don't have an
account there. I do, however, have an account email@example.com on
my own server- to which I want all replies/bounces/etc to go to.
I'm not sure this actually has any direct relevance to this dicussion
(which I gather is about a DNS-ish way to restrict which machines can
relay mail for any particular domain, according to the wishes of that
domain owner), but I think it might be a useful example.
<erno> hm. I've lost a machine.. literally _lost_. it responds to
ping, it works completely, I just can't figure out where in my
apartment it is.