On 5 Mar, 22:56, Boyd Lynn Gerber <gerb...@zenez.com> wrote:
> After RFC 821 was mutilated by RFC 1123 email could be forged.
> Forwarding was broken by RFC 1123 5.3.6(a) about 19 years ago. *The
> spammers figured it out about seven years ago. *The concept of
> "forwarding" as it was known before RFC 1123 5.3.6(a) does not work any
> more, "forwarding" is now a part of the problem, like open relays.
>
> Because people want to forward email and the ability to track them was
> removed. *People now can and do forge email. *It has become a major
> problem just like open relays. *Something has to change. *SPF put backa
> way to tell if an email was forged.

This is the wrong newsgroup for this topic, op on ove to the network
abuse discussion groups for this topic.

And there are some usable technologies to actually handle the
forwarding problem, which is that the "bounce" address for a message
does not get reset by the forwarding server to bounce back to the
forwarding server itself, which should then pass it back to the
message submitter. The result is that no one can easily tell the
difference between a forwarded message and a faked one with a
different "bounce" address, inundating the rest of us with the bounced
spam.

There are technologies to store a registry of incoming email, encode
the "bounce" address going out, and allow the forwarding server to
decode the bounce message and get it back to the recipient. It's not
well integrated yet with major SMTP servers.