On Tue, 17 May 2005 16:42:27 PDT, David MacQuigg said:
ID bigforwarder.com
MAIL FROM:<bob(_at_)sales(_dot_)some-company(_dot_)com>
Checking the TXT record at _AUTH.bigforwarder.com.ID-check.net gets a
response:
svc=S1:A,M2:A,H1+:B dmn=QR1,SPF1+5,DK2
QR1=ip4:?170(24.30.23;24.28.200;24.28.204;24.30.18;24.93.47;24.25.9),
+4(65.24.5.120;24.94.166.28;24.29.109.84;66.75.162.68;24.24.2.12)
DK2=dk:MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhAKJ2lzDLZ8XlVambQfMXn3LRGKOD5
o6lMIgulclWjZwP56LRqdg5ZX15bhc/GsvW8xW/R5Sh1NnkJNyL/cqY1a+GzzL47t7
EXzVc+nRLWT1kwTvFNGIoAUsFUq+J6+OprwIDAQAB
The supported methods are QR1, SPF1, and DK2. QR1 makes no demands on any
other identities. It just says "Any IP outside these blocks is not
us." SPF1 requires that either the MAIL FROM or the HELO identity match
the declared Identity, and DK2 calls for a signature check using the public
key provided in this record.
You're *still* missing the point. All you've done is pushed it into a *huge*
DNS
record. Or multiple huge DNS entries, more likely.
Describe how to configure this to support the following:
1) 3 domains test1.com through test3.com, which could each be sourced from
either mail-out.testN.com or bigforwarder.com. Test1.com and test2.com support
SPF, test3.com doesnt..
In addition, test1 and test3 support your AUTH scheme, but test2.com doesnt.
2) In addition, bigforwarder.com is the only host for test4.net through
test6.net, each
of which has a separate DomainKey.
How many _AUTH entries did you need here?
OK. That too simple?
Describe how to do it for Postini or Comcast.
pgptIqVaMz6LZ.pgp
Description: PGP signature