Jim Ramsay [EMAIL PROTECTED] wrote:
>
> I suggest a format like:
>
> <realuser-plus-extensions>-<tagname>-<encryptedsender>@tmda.host.name
>
> Where:
>
> <realuser-plus-extensions> corresponds to the .qmail file
> ~realuser/.qmail-plus-extensions-default from where TMDA is run
>
> <tagname> is something like 'fwdsecure' so TMDA knows what sort of
> address it is and doesn't try to challenge it
>
> <encryptedsender> is the original envelope sender, somehow encrypted
> with the user's CRYPT_KEY so it is not forgeable or readable, but TMDA
> can decrypt it if it gets a bounce with it
>
In order to not have to keep state on all forwarded messages, how about
keeping the original sender in there? Something like this.

bob-tmda-fwdbounce=<encryptedSend>[EMAIL PROTECTED]

<encryptedSender> is just "tmda-address -s [EMAIL PROTECTED]"

Upon a bounce we can confirm this message by checking if <encryptedSend>
and [EMAIL PROTECTED] would match using our CRYPTKEY.

This of course allows the receiver to know the address that sent the
message in the first place. (which I don't see as a problem)

-Jeremy Rossi
_________________________________________________
tmda-workers mailing list ([EMAIL PROTECTED])
http://tmda.net/lists/listinfo/tmda-workers
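The stateless check proposed in the reply above, as an added sketch that is not TMDA's code or part of the original thread: the original sender travels in the clear inside the forwarding address, and a keyed MAC over it lets the forwarder validate a bounce without storing anything. The address layout, the function names, the `tmda.example` host and the use of truncated HMAC-SHA256 are assumptions made for illustration.

```python
import hashlib
import hmac

TAG = "fwdbounce"   # hypothetical tag name, modelled on the thread's example
MAC_HEX_LEN = 20    # assumption: HMAC-SHA256 truncated to 80 bits


def _mac(key: bytes, user: str, sender: str) -> str:
    # Bind the MAC to the tag and the forwarding user so a valid value cannot
    # be reused for another address type or another user's forwards.
    msg = f"{TAG}\0{user}\0{sender}".lower().encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()[:MAC_HEX_LEN]


def make_forward_sender(key: bytes, user: str, host: str, orig_sender: str) -> str:
    """Envelope sender for a forwarded message; no per-message state is kept."""
    if orig_sender.count("@") != 1:
        raise ValueError("expected exactly one '@' in the original sender")
    encoded = orig_sender.lower().replace("@", "=")
    return f"{user}-{TAG}-{_mac(key, user, orig_sender)}-{encoded}@{host}"


def verify_bounce_recipient(key: bytes, address: str):
    """Return the original sender if the embedded MAC verifies, else None."""
    local, at, _host = address.lower().rpartition("@")
    user, sep, rest = local.partition(f"-{TAG}-")
    if not (at and sep and user):
        return None
    if len(rest) <= MAC_HEX_LEN + 1 or rest[MAC_HEX_LEN] != "-":
        return None
    mac, encoded = rest[:MAC_HEX_LEN], rest[MAC_HEX_LEN + 1:]
    # A domain cannot contain '=', so the last '=' is the encoded '@'.
    s_local, eq, s_domain = encoded.rpartition("=")
    if not (eq and s_local and s_domain):
        return None
    sender = f"{s_local}@{s_domain}"
    # Constant-time comparison on bytes; a forged or edited address fails here.
    if not hmac.compare_digest(mac.encode(), _mac(key, user, sender).encode()):
        return None
    return sender
```

As the reply notes, this variant leaves the original sender readable by the recipient; only forgery is prevented.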
