Bill Sommerfeld <sommerfeld(_at_)sun(_dot_)com> wrote:
I have not been able to find a concise description of exactly what havoc
will ensue
wayne <wayne(_at_)schlitt(_dot_)net> wrote:
Also, one of the open issues with SPF is the ability to deal with
forwarded email. One of the most promising solutions to this problem
will break if the MARID proposal is used. See section 9.3.1.2:
http://www.schlitt.net/spf/spf_classic/draft-schlitt-spf-classic-02.html#forwarding
To expand on what wayne said, the hack described in 9.3.1.2 allows SPF
and systems like BATV (http://mipassoc.org/batv/) to work very nicely
together. The problem occurs if the SPF record is interpreted according
to Sender-ID and the PRA is used instead of the return path. Techniques
like BATV distinguish between the return path and other sender-related
email addresses, such that those addresses in the message header used by
Sender-ID do not include the crypto token. Therefore the stunt DNS server
that handles the SPF lookups will cause Sender-ID implementations to
reject the message because they will not include the crypto token in their
queries.
Tony.
--
f.a.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
BISCAY: WEST 5 OR 6 BECOMING VARIABLE 3 OR 4. SHOWERS AT FIRST. MODERATE OR
GOOD.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf