On 2/7/2010 4:16 AM, Daniel Feenberg wrote:
For this reason the MTA operator would probably want to discard messages
to the arf reporting address unless they were submitted via the MSA
submission port, or came from inside the MTA operators own network.
The question of differentiating between reports that come from within the
operator's trust boundary, versus from outside of it, is certainly reasonable to
worry about for a reporting mechanism like this.
Exactly how to resolve that question might be easy or difficult, probably
depending upon tradeoffs between false rejection of reports vs. false acceptance
of them...
For some environment, I'd expect your simple rule to be entirely adequate.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg