[dmarc-discuss] Several remarks

Tanguy Ortolo tanguy+dmarc at ortolo.eu
Tue Jan 31 08:35:47 PST 2012 

Michael Adkins, 2012-01-31 16:18+0000:
> On 1/31/12 8:03 AM, "Tanguy Ortolo" <tanguy+dmarc at ortolo.eu> wrote:
> >Okay, I saw that. Is that open for discussion? Because multiple people
> >in the From field is currently both legal and useful in common use
> >cases, and I guess this is one of the major reasons why the Sender field
> >existsŠ
> 
> Can you site some use cases where there are commonly multiple From:
> addresses?  I remember us talking about this issue, but I don't think we
> were able to come up with any.  I also don't think we were able to find
> any significant volume of legitimate mail that contained multiple
> addresses.

There is a quite common use case I already experimented myself. Alice
<alice at example.com> and Bob <bob at example.org> are organizing a party. To
invite their friends, they write a message together. Of course, only Bob
(or Alice, but this time it is Bob) is actually using the keyboard and
pressing the button to send it.

Here, the most appropriate way to fill this message's header is:
    From: Alice <alice at example.com>, Bob <bob at example.org>
    Sender: Bob <bob at example.org>
    To: Whoever
    Subject: Party on 2012-02-04

When this is not possible, it is usually worked around by using the
following degraded version:
    From: Bob <bob at example.com>
    Reply-To: Alice <alice at example.com>, Bob <bob at example.org>
    To: Whoever
    Subject: Party on 2012-02-04

However, this degraded version is not as accurate as the natural one,
since it does not represent the reality (this message is from Alice and
Bob together) but instead gives an improper impression (this message is
from Bob alone and Alice is interested in getting the replies too).

Now, the volume of legitimate mail formated with way is probably very
low indeed, because there are few MUAs that are designed to implement it
on the sender side (on the recipient side, it works like a charm,
though, that is: the two authors are displayed, sometimes the sender is
indicated too, and replies go to all the authors by default). But the
volume of illegitimate mail formated this way is probably null, because
that has absolutely no added value for a spammer.

-- 
Tanguy Ortolo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://medusa.blackops.org/pipermail/dmarc-discuss/attachments/20120131/ade77ac1/attachment-0001.pgp>

More information about the dmarc-discuss mailing list