Doug, On Wed, 25 Feb 2009 00:10:21 -0800, Doug Otis wrote: > The Sender-Header-Auth draft clouds what should be clear and concise > concepts. Organizations like Google have already remedied many of the > security concerns through inclusion of free form comments. For the sake of being thorough, I looked into this. A lead mail engineer at Gmail (I assume you're referencing Gmail and not Google's internal mail) tells me their inclusion of the relaying IP address as a comment in their Authentication-Results header fields has nothing to do with any sort of remedy in reference to any concerns they have about the specification. It is for use by some other internal processes (which he was not at liberty to discuss further). Since you cited a plurality, do you have any other specific examples? _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf