Jose-Marcio Martins da Cruz wrote:
Ther's a big difference between VPNs and consent.
VPNs are really private - information about VPNs instances (IP address
of entry points, protocol, flavour, ...) aren't public and aren't
available to unknown users.
They are available to allowed users (nearly) transparently. Once it is
properly setup, users can run "internet" software that uses the
existing connection --obviously including SMTP.
Consent users information is public : Claudio Telmon email address is
public and known by everybody.
However, it is not enough to set up consent at the local server. Each
user has to take care of tokens management in order for it to work.
That's one way that consent pushes the problem to users.
AFAIK, there is no way SMTP can be configured so that a given sending
location can be whitelisted. One can try and detect what MTA sends the
message and whitelist specific filters, presumably doing detection by
the IP address of each mailout. That's much like VPN: being at a
higher level doesn't ease the task. For example, assume someone trusts
Gmail's egress filtering and wants to skip content filtering for mail
coming from there. What work is required to accomplish (and maintain)
that task, on typical MTA software?
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg