...... Original Message .......
On Wed, 06 Jul 2005 15:57:57 +0100 David Woodhouse
<dwmw2(_at_)infradead(_dot_)org>
wrote:
On Wed, 2005-07-06 at 09:52 -0500, Daniel Taylor wrote:
So, your system forwards e-mail then?
If so, how can I tell the difference between a valid forward
through your system and an outright forgery?
Because the valid forward has a BATV address which passes SMTP callback
validation, and has a valid DKIM signature, and is GPG-signed by the
sender. For example.
One thing I like about SPF is that it requires no special MTA configuration
by the sender. This makes it useable by domain owners that don't run their
own mail servers.
BATV w/callback support and DK (and presumably DKIM, although anything's a
guess since no spec has been published yet) require special outgoing MTA
provisions.
Even if I did BATV w/callback support (and it's an intriguing idea, I'm
going to look into it), there's no way I'm aware of to tell the world that
I always do that so I'd like them to treat anything that passes CBV as
authorized mail and anything that doesn't as a forgery. I'd like to be
able to do that.
Scott K