On Tue, Mar 09, 2004 at 09:10:37PM -0600, wayne wrote:
| I think it is likely that there will need to be completely separate
| proposals for:
| 1) The "is this IP address authorized to be an MTA?" question.
| (e.g., MTA-Mark, SS, DUL lists, etc.)
| 2) The "is this IP address authorized to use a given domain name in
| the MAIL FROM (and HELO) address?" (e.g. RMX, SPF, DMP, etc.)
| 3) The "is this From: header from who it claims to be from?" (GPG,
| S/MIME, DomainKeys, Caller-ID, etc.)
I agree that these are three related but distinct areas; each deserves
(1) has one dimension: is an IP address allowed to send mail?
(2) has two dimensions: is an IP address allowed to send mail *for a
I prepared two documents for the Seoul BOF in which I tried to emphasize
the distinction between (1) and (2) above.
This little diagram may help illustrate the differences visually.
Today, DNSBLs filter along the IP dimension only.
In the future, with wide deployment of an SPF-like system, I hope that
accreditation and reputation services can help filter on the second
dimension as well.