Alexey Melnikov wrote:
SM wrote:
At 02:38 10-10-2008, Alexey Melnikov wrote:
I am still trying to get my head around this, but I am thinking that
defining a new ESMTP capability for "I provide authentication services
and strip bogus Authentication-Results header fields" would be a half
hour job, so why not do that?
See
http://www.ietf.org/internet-drafts/draft-kucherawy-sender-auth-esmtp-01.txt
Yes, saw that.
I was under impression is that if an MTA implements SMTP AUTH and
strips bogus Authentication-Results header fields, then it doesn't
need to implement the whole draft-kucherawy-sender-auth-esmtp-01.txt.
Or rather "one wouldn't necessarily want to implement the whole
draft-kucherawy-sender-auth-esmtp-01.txt".
But if the intention is that draft-kucherawy-sender-auth-esmtp-01 is the
mechanism for discovery, then the auth-header draft needs to be explicit
about that in the Security considerations section.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html