Path validation

Revision as of 12:25, 22 March 2008 by Johnl (talk | contribs)
Jump to navigationJump to search

Techniques that match up the apparent sender of a message with the path via which it arrived.

  • SPF (Sender permitted from)
  • SRS (Sender Rewriting Scheme)

General issues

Internet mail is designed to make message delivery independent of the path a message takes. Although much, perhaps most, mail is sent from hosts managed by the same people that manage domains in a message's header or envelope, there are a variety of well known situations where mail can legitimately arrive via other paths. Some of these situations are:

  • Courtesy forwards, e.g. professional organizations and college alumni assocations. They remail messages to a recipient's actual address, so the recipient system sees the message originating at the forwarding site.
  • Users of courtesy forwards. Since courtesy forwards tend to be inbound only, users send mail from their own ISP with the courtesy forward address.
  • Mailing lists. Messages are resent from the list host.
  • Mail-an-article and kiosks. Web sites allow users to send limited amounts of mail manually entering To: and From: addresses.
  • All-in-one web mail: Web mail systems including Yahoo and Google Gmail allow users to collect mail from other mailboxes via POP or IMAP and send mail with those mailboxes as return addresses.