[ietf-dkim] on the suitability of the From header field
sm at resistor.net
Sat Aug 13 22:54:47 PDT 2005
At 12:27 13-08-2005, Keith Moore wrote:
>I strongly disagree. It is vitally important to distinguish between
>"who wrote or authorized this content" and "who authorized the
>transmission of this message to this recipient". RFC2822.From is a
>close approximation to the first, but not the second. We currently
>don't have an SMTP or 2822 field that approximates the second. (for
>various reasons neither Sender nor Return-Path/MAIL FROM is close enough).
RFC2822.From is not very effective as a means to determine "who wrote
or authorized this content".
>If end-users today are accustomed to thinking the message was sent
>by RFC2822.From, they will need to be educated, and they may also
>need better MUAs that make the distinction clear. But I don't think
>most end-users are this naive or incapable of understanding the
>difference. Mailing lists, for example, do not follow this
>convention. Nor do forwarded messages. Neither one of these seems
>to result in a great deal of user confusion.
Although I am a proponent of education and the need for better MUAs,
I don't see it making a significant difference in the short
term. Most end-users cannot understand the difference.
Most end-users do not subscribe to mailing lists and if they do, they
may sometimes report mail received from the list as spam. :) Those
who do subscribe can only understand that the mail is from a mailing
list if they see the list subject tag.
More information about the ietf-dkim