On Thu, 9 Sep 2004, Hallam-Baker, Phillip wrote:
Looks to me as if you can still deploy an SPF record that says
that A, B & C are authentic university of Cambridge mail servers.
What you are saying you cannot do is to add a final -all to
exclude the universe of all other mail servers.
That's pretty worthless. What we need is a method of identifying
forgeries, not a method of identifying legitimate email.
That is why most people who are going to use a whitelist are
going to outsource the process.
VeriSign has started making the Verified Domains List available
to qualified anti-spam companies and we plan to make it available
to everyone via a DNS publication mechanism in the near future.
Both services are free.
I can't find any information about the VDL on the web. It sounds like a
list of domains whereas what we need is a list of MTA IP addresses.
Tony.
--
f.a.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
ROCKALL: EAST 4 OR 5 BECOMING CYCLONIC, THEN NORTHWEST 5 TO 7, PERHAPS GALE 8
LATER. RAIN LATER. MODERATE OR GOOD.