At 15:52 09-10-2008, Murray S. Kucherawy wrote:
Just for the sake of trying to cover all the bases:
Are there any easily-adopted (or adapted) methods we could at least
reference to cover the area of auto-configuration, such as secure
discovery of which MTAs are considered "internal" in the context of
Authentication-Results?
DHCP comes to mind but I don't think it includes provisions for
discovery of inbound or internal MTAs, or what authserv-ids they might use.
DHCP has email configuration options (SMTP, POP3, IMAP). If we want
to get into secure discovery, then we may need TLS. All the tests
are geared towards which MTA is responsible for injecting the
message. It doesn't say anything about whether the content can be
trusted when it comes to conducting financial transactions. The
Security section is ample warning of how much we can push into this header.
Regards,
-sm
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html