Julian Mehnle <[EMAIL PROTECTED]> wrote:
> Andreas Metzler wrote:
>> Julian Mehnle <[EMAIL PROTECTED]> wrote:
>> > It's about forging an e-mail sender's identity. By preventing the
>> > unauthorized use of domains as the sender domain of e-mails, most of
>> > the practiced cases of identity forgery are prevented. [...]
>> If I send an e-mail over mail.nusrf.at with envelope-from
>> [EMAIL PROTECTED] I am _not_ forging anything or making
>> "unauthorized use of domains"
> Yes, you are. The envelope-from address is not a reply-to address,
> it's a sender address. If you are sending from mail.nusrf.at, you
> are not sending from logic.univie.ac.at. So you should not specify
> <[EMAIL PROTECTED]> as the envelope-from address, or you'd
> be forging it.
No, I am just specifying where I want bounces to go to.
MAIL FROM:<reverse-path> [SP <mail-parameters> ] <CRLF>
This command tells the SMTP-receiver that a new mail transaction is
starting and to reset all its state tables and buffers, including any
recipients or mail data. The <reverse-path> portion of the first or
only argument contains the source mailbox (between "<" and ">"
brackets), which can be used to report errors.
That is practically all there is in rfc2821 about this issue.
cu andreas
