-----BEGIN PGP SIGNED MESSAGE-----
David Woodhouse wrote:
On Wed, 2005-07-06 at 09:52 -0500, Daniel Taylor wrote:
So, your system forwards e-mail then?
If so, how can I tell the difference between a valid forward
through your system and an outright forgery?
Because the valid forward has a BATV address which passes SMTP callback
validation, and has a valid DKIM signature, and is GPG-signed by the
sender. For example.
So you are asking me to alter my system so that I can support
your service while preventing forgery of my domain.
Answer that question and you understand my position.
The question is answered... your position remains somewhat opaque.
I want to prevent forgery. If I get mail from hotmail.com, aol.com,
example.org, or vocalabs.com I want to have a reasonable first-level
assurance that that is actually where it is from.
The cheaper in CPU/$$/Bandwidth I can get this assurance the happier
I am. SPF makes me happy. DKIM, SMTP Callback, BATV, and other methods
don't make me nearly so happy. They are all more expensive in one or
more areas, and require more extensive surgery on my servers.
That clear enough for you?
Daniel Taylor VP Operations Vocal Laboratories, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----