Path validation
From ASRG
Techniques that match up the apparent sender of a message with the path via which it arrived.
- SPF (Sender permitted from)
- SRS (Sender Rewriting Scheme)
General issues
Internet mail is designed to make message delivery independent of the path a message takes. Although much, perhaps most, mail is sent from hosts managed by the same people that manage domains in a message's header or envelope, there are a variety of well known situations where mail can legitimately arrive via other paths. Some of these situations are:
- Courtesy forwards, e.g. professional organizations and college alumni assocations. They remail messages to a recipient's actual address, so the recipient system sees the message originating at the forwarding site.
- Users of courtesy forwards. Since courtesy forwards tend to be inbound only, users send mail from their own ISP with the courtesy forward address.
- Mailing lists. Messages are resent from the list host.
- Mail-an-article and kiosks. Web sites allow users to send limited amounts of mail manually entering To: and From: addresses.
- All-in-one web mail: Web mail systems including Yahoo and Google Gmail allow users to collect mail from other mailboxes via POP or IMAP and send mail with those mailboxes as return addresses.