In <20040114183412(_dot_)GA6875(_at_)dumbo(_dot_)pobox(_dot_)com> Meng Weng
Wong <mengwong(_at_)dumbo(_dot_)pobox(_dot_)com> writes:
So we have the following (possibly conflicting) requirements:
1) we want to preserve as much as possible of the original sender in the
rewritten address, because a final recipient may want to use it.
2) we want to respect the 64 char limit.
3) we want to insert a cookie to prevent open relaying.
4) we want to avoid the use of a database where possible,
because a database requires centralization and is a single point of
failure. SPF may stand for many things, but that shouldn't be one of
them.
Plan C: database
What if the incoming email address is already at
MAX-LOCALPART(_at_)MAX-DOMAIN? You can't preserve the whole thing; you
have
to break 1 and 4 if you want to keep 2 and 3.
In order to keep from break requirement 1) too badly, all that would
need to be done is to create a simple hash of the original
envelope-from and put it in the local part. So, the format of the
rewritten envelope-from could be:
<base64_encode(CRC32($original_envelope_from))>-<unique token>@bounce.foo.com
-wayne
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡