spf-discuss

Re: A couple of thoughts

2004-02-14 21:07:13
----- Original Message -----
From: "Shevek" <spf(_at_)anarres(_dot_)org>
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Sunday, February 15, 2004 3:23 AM
Subject: Re: [spf-discuss] A couple of thoughts

On Sat, 14 Feb 2004, Mark wrote:

SRS-signing outgoing messages is easily implemented by an ISP. And as
soon as they have done that, they can configure their inbound MTA to
reject incoming bounces which are not to SRS-signed addresses.

Brilliant! I really like this idea.

There is only one problem with it: in new SRS format, using = instead of
+, it cannot be used in a Milter. :( Because even when you SMFIS_ACCEPT
an SRS address at envrcpt_callback, the SRS recipient will fall thru to
sendmail, who will reject it after all:

550 5.1.1 <SRS0=o8XU=Cu=asarian-host.net@'ÛadÑþ[y>... User unknown

That could have elegantly been solved, using a trick with sendmail's
"plussed users" capability, where I would create a dummy alias like
this:

SRS0+*:    dummy@test.com

Which would make all SRS0+ addresses valid to sendmail (reject would
occur at the Milter). The + sign after the SRS alias just happened to
coincide with sendmail's plussed user functionality. It would have been
a wonderful solution. Alas; now that Shevek changed the spec to "SRS0=",
none of this will work any more. ;(

I thought you could specify OperatorChars in sendmail.

You can. But you cannot use it to change the + character in the plussed user
facility. Funny thing is, sendmail does have a wildcard *, but it can only
be used in conjunction with the + character:

john+*@doe.com

Will work (for john+a@, john+ab@, etc.) But,

john*@doe.com

Will not.

You will be glad to know that version 0.19 will permit you to specify the
initial character of your SRS addresses, therefore this feature will once
again become available.

Great!! Really useful. Thanks.

- Mark

        System Administrator Asarian-host.org

---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx
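
The inbound bounce check discussed in this message, sketched as an added example (not part of the original post and not the SRS library's code). It accepts a configurable initial separator after `SRS0` (`=`, `+` or `-`), as the thread says version 0.19 will allow. The secret, the 4-character tag, the decimal day stamp, the 21-day window and all addresses are constructed assumptions.

```python
import base64
import hashlib
import hmac

SECRET = b"constructed-demo-secret"  # assumption: per-site signing key
SEPARATORS = "=+-"                   # allowed initial separator after SRS0
MAX_AGE_DAYS = 21                    # assumption: how long a bounce stays valid


def _tag(day, host, user):
    """Short keyed hash binding timestamp, host and user (length is assumed)."""
    msg = f"{day}|{host}|{user}".lower().encode()
    digest = hmac.new(SECRET, msg, hashlib.sha1).digest()
    return base64.b64encode(digest).decode()[:4]


def sign(sender, forwarder, today, sep="="):
    """Rewrite an outgoing envelope sender; only the first separator varies."""
    user, host = sender.rsplit("@", 1)
    day = today % 1024
    return f"SRS0{sep}{_tag(day, host, user)}={day}={host}={user}@{forwarder}"


def check_bounce_rcpt(rcpt, today):
    """Decide on the RCPT TO of a null-sender message: (accept, detail)."""
    local = rcpt.rpartition("@")[0]
    if (len(local) < 6 or local[:4].upper() != "SRS0"
            or local[4] not in SEPARATORS):
        return False, "550 bounce to non-SRS address"
    parts = local[5:].split("=", 3)   # tag, day, host, user (user may hold '=')
    if len(parts) != 4 or not (parts[1].isascii() and parts[1].isdigit()):
        return False, "550 malformed SRS address"
    tag, day, host, user = parts[0], int(parts[1]), parts[2], parts[3]
    # Constant-time comparison on bytes, so odd input cannot raise here.
    if not hmac.compare_digest(tag.encode(), _tag(day, host, user).encode()):
        return False, "550 bad SRS signature"
    if (today - day) % 1024 > MAX_AGE_DAYS:
        return False, "550 SRS address expired"
    return True, f"{user}@{host}"


if __name__ == "__main__":
    addr = sign("user@example.org", "forwarder.example", 12462, sep="+")
    print(addr, check_bounce_rcpt(addr, 12462))
```

With the `+` separator the rewritten address also matches a sendmail `SRS0+*` plussed-user alias, so the recipient survives to the point where a check like this can make the accept or reject decision.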