On Fri, 2004-12-10 at 16:44 +0000, Tony Finch wrote:
On Fri, 10 Dec 2004, David Woodhouse wrote:
Thanks for doing this, it saves me from having to :-)
:)
Some quick notes from five minutes' testing -- accept your own hostname
in HELO even when it comes from 127.0.0.1, and don't screw up cutting
and pasting your SRV records in the zonefile...
_client._smtp.canuck.infradead.org SRV 1 2 0 phoenix.infradead.org.
This is a CSA implementation. CSV = CSA + DNA.
Right.
You should probably use $acl_c variables, since CSA is related to the
connection not individual messages.
I thought about that, but in fact none of the variables I'm setting are
worth keeping. If I were to decide it's a bad HELO but give people a
chance to send mail to postmaster@ anyway, then I'd want to set a flag
in an $acl_c variable, but I'm not doing that yet. Likewise if I were
doing a DNA lookup, that would be worth keeping too.
You've misunderstood the division of responsibility in CSV.
Maybe, but mostly I think it's just the terminology I've
misunderstood :)
I fail to understand the point of the "don't authenticate me" option in
CSA, and what implementers are supposed to do with that kind of CSA record
that's different from the absence of a CSA record. I *think* you should
just throw away CSA records with weight=3.
Maybe, but since it's so confusing I don't _quite_ know what people will
use it for, and for now I suspect that means I should be _accepting_
mail. Err on the side of caution.
Btw, is my record for 'infradead.org' sane? It seems to have the desired
effect, but is there a better way to do it?
@ IN PTR _vouch._smtp.csv_vouch
_client._smtp IN SRV 1 1 0 localhost.
infradead.org.csv_vouch IN TXT "MARID,1,E"
--
dwmw2