Paul Smith wrote:
> mouss wrote:
>>> That's fine, as it doesn't seem that the remote server is supposed to
>>> gain any benefit. It's the spoofed domain's MTAs which can gain the
>>> benefit.
>>
>> but then why standardize the format? anybody can use "internal
>> aliases" of any form (aka disposable addresses).
>
> That's my view as well. A standard return path syntax (eg
> 'batv=<key>=<orig-local-part>@<domain>') is a good idea as it allows the
> original local part to be extracted if necessary, but beyond that,
> there's no point to a standard format for private keys.

"Extracting the local part" is obviously an interpretation of the
local-part, which would break section 2.3.11 of 2821bis, as SM
noticed. I don't recall anything in the standard that deprecates equal
signs in the local-part.
Section 4.1.1.2 additionally states that "The reverse-path consists of
the sender mailbox", not a variation thereof. That wording apparently
bans using time-varying tags, unless we reinterpret BATV as a
redistribution service for ephemeral ad-hoc lists, in the sense of
section 3.9.2 (but beware poor subscription policies.) A rather
cumbersome way to standardize things.
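
An added illustration, not part of any message in this thread and not taken from the BATV draft: a sketch of how only the originating domain, which holds the secret, can tag a return path in the 'batv=<key>=<orig-local-part>@<domain>' shape quoted above and later recover the original local part, including one that itself contains an equal sign. The layout of <key> (five-digit day number plus truncated HMAC), the secret, the seven-day lifetime and all function names are assumptions made for this example.

```python
import hashlib
import hmac
import re

SECRET = b"constructed-demo-secret"  # assumption: known only to the signing domain's MTAs
MAX_AGE_DAYS = 7                     # assumption: how long a tag stays acceptable

# <key> is assumed to be 5 ASCII digits (day number) + 10 hex chars (truncated MAC).
# The key contains no '=', so everything after the second '=' is the original
# local part, which may itself contain '='.
_TAGGED = re.compile(r"batv=([0-9]{5})([0-9a-f]{10})=(.+)", re.DOTALL)


def _mac(day: int, local: str, domain: str, secret: bytes) -> str:
    msg = f"{day}:{local}@{domain.lower()}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()[:10]


def tag_return_path(local: str, domain: str, day: int, secret: bytes = SECRET) -> str:
    """Build the time-varying reverse-path for mail sent on day number `day`."""
    return f"batv={day:05d}{_mac(day, local, domain, secret)}={local}@{domain}"


def check_bounce_rcpt(rcpt: str, today: int, secret: bytes = SECRET):
    """Return the original local part for a valid, fresh tag, otherwise None.

    Only the domain holding `secret` can do this; any other MTA sees an
    opaque local-part and has nothing to interpret.
    """
    local, _, domain = rcpt.rpartition("@")
    m = _TAGGED.fullmatch(local)
    if m is None:
        return None                      # untagged address, or not our format
    day, mac, orig = int(m.group(1)), m.group(2), m.group(3)
    if not 0 <= today - day <= MAX_AGE_DAYS:
        return None                      # expired, or dated in the future
    if not hmac.compare_digest(mac, _mac(day, orig, domain, secret)):
        return None                      # forged, or signed for another mailbox
    return orig
```
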