This probably belongs to ASRG, not only because MARF has finished, but
also because a *Taxonomy of reporting targets* should be hosted
somewhere, and I'm unable to think of a better place than this list's
wiki.
Opinions?
-------- Original Message --------
From: vesely(_at_)tana(_dot_)it
Date: Tue, 08 May 2012 12:56:10 +0200
To: marf(_at_)ietf(_dot_)org
Subject: SPF's helo identity as a reporting target
Hi all,
someone on the spf-discuss list noted that the smtp.helo is often of a
different type than the domains usually branded in smtp.mailfrom,
header.from, and dkim.d. That's because it seems to be quite common
to outsource mail relaying as well as MX services. This situation
characterizes relaying services as third parties that might manage
complaints and/or enforce policies, much like ESPs and ISPs.
MARF-AS generically allows any "domain that has been verified by the
[relevant] authentication mechanism", as well as "Abuse addresses in
WHOIS records of the IP address".
Would it be feasible to correlate auth methods' properties to roles,
in general? For example, ESPs normally wouldn't outsource mail
relaying, since it's their core business. Thus, sending a complaint
to abuse@_smtp.helo_ could be a way to target any involved ESP.
Just mumbling...
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg