----- Original Message -----
From: "Matthew Elvey" <matthew(_at_)elvey(_dot_)com>
To: "Hector Santos" <hsantos(_at_)santronics(_dot_)com>
Sent: Sunday, December 05, 2004 12:52 PM
Subject: Re: A new SMTP "3821" [Re: FTC stuff...........]
The above was an example of a MIX policy.
CSV presumes to validate the client domain name when it is possible there
is
an incoming ESMTP AUTH session
That is false, to my reading of the specs:
"To validate an SMTP session from an unknown sending SMTP client" is
from the fourth line of the main spec.
If there's an incoming ESMTP AUTH session, then there is no "unknown
sending SMTP client", only a "known sending SMTP client".
What language would you suggest since this isn't clear enough?
The language is fine.
The point is in order to accomplish this, the CSV (and others) state machine
must be based on a delay design mechanism.
Do I need to explain this?