> > > - many ISPs won't let you forward or submit mail through someone else's > > > SMTP server, even if you have permission to do so. so you can't > > > forward your mail through your "home" ISP's mail server to allow the > > > "mail from" check to work. > > > > in that case you'd be wise to not insert a MAIL-FROM MX for your domain. > > what this seems to require is to have different sets of domains for > use in MAIL FROM addresses - those for which source verification can > be expected and those for which it cannot. yes. > there are some current domains which are naturally and exclusively in > the former category - say hotmail.com; but most domains are probably > not exclusively in either category. yes. > so it would require establishment of new domains and reconfiguration > of systems to use those domains to be effective - along with the > educational effort that this entails. i think most of the reconfiguration effort would be around existing domains. > and it would still leave a significant portion of mail without a way > to identify its source. so far, working toward a single solution that covers all cases and is easy ("low cost") for spam victims and infrastructure owners to take part in, has not worked. what you see in the mailfrom "draft" is just a "point solution." i am reminded by this thread that the most powerful force on the internet continues to be a single voice saying that something cannot be done.