ietf-mxcomp
[Top] [All Lists]

RE: RE: RE: RE: Can you ever reject mail based on RFC2821 MAIL FR OM?

2004-04-28 16:32:08

-----Original Message-----
From: Jon Kyme [mailto:jrk(_at_)merseymail(_dot_)com]

> > I think we also need a completeness indicator, so you can
> > say 'this is the complete set of my outgoing MTAs or
> > these are member of the set of my outgoing MTAs'.
>
> OK, I'll bite. What's the advantage in listing only a proper subset?

If there is an authorization mechanism in place at the receiver
end you can still take the benefit of accreditation even though
you might not be able guarantee that you were able to list out
every one of your legitimate edge email servers.


Right, but wouldn't a "wildcard" or universal record (with an
accreditation  modifier) give you the same benefit?
Or even a "bare" accreditation assertion? (empty set)

What am I missing here?

--"Olson, Margaret" <molson(_at_)constantcontact(_dot_)com> wrote:

It's not just the edge servers; it's all the many outsourced providers
too and all of their servers.



I agree with you (and Harry and Wayne) that there is a benefit in being able to differentiate the cases:

1. These are our outgoing MTAs (though there may be more), from
2. These are our outgoing MTAs (and any other source is considered forged)

All the reasons Margaret listed are valid.

Also I agree with Wayne that it's nice to have something like the SPF exists:+macro thing so you can log everything for a week or two without rejecting anything and then go back and see if you missed anything. (Actually I think DMP can do this too, just turn on query logging, though you won't capture as much info)

P.S. I wonder whose mailer keeps adding RE: to the subject... is that yours Margaret?

later


--
Greg Connor <gconnor(_at_)nekodojo(_dot_)org>


<Prev in Thread] Current Thread [Next in Thread>