Michael Thomas wrote:
On 08/17/2010 04:08 AM, Ian Eiloart wrote:
Yes, out Exim/Spamassassin installation does DKIM (but not
ADSP) evaluation during the SMTP session.
I'm not positive, but I believe that Ironport does it that
way too.
Is there anybody who *doesn't* do DNS lookups at SMTP time these
days? That's all DKIM really amounts to, and the entire mail
infrastructure would seize if we weren't (cf, blacklists).
In the past, I followed how implementations of SPF was being done - at
SMTP or post acceptance. I recall it was interestingly spread out
depending on the software being used. Most of the MTAs that allowed
embedded hooking with programming scripts had scripts available and
others used general 2822 text file mail bot SPF scripts.
But I've also followed other MTAs such as YAHOO, AOL, MSN.COM,
gmail.com and so on, where you definitely saw a shift towards DATA
level rejections than in the past.
The only issue overall between the two was how the ENVELOPE
information was read or written into the 2822 file for post smtp to
read. In general, you could get this from the top Received: line
stamped by the MTA (a requirement), but other MTA add specific syntax
envelope info at the top before the 2822 blocks.
At the SMTP level, you don't need to work about that but generally,
the scripting language is proprietary to the MTA engine in use.
So POST SMTP scripts tend to be more general and made to work with for
most MTAs, with no or little change.
--
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html