Re: [mail-vet-discuss] draft-kucherawy-sender-auth-header and last call draft-hoffman-dac-vbr-04

2008-11-11 13:10:28

On Nov 10, 2008, at 12:05 PM, Scott Kitterman wrote:

Actually it doesn't require a separate IP.  I think your sense of
actual operational options to ensure users don't forge each other is
somewhat limited if that's the only approach you can envision.

What practice would you recommend in this regard?  Since the
Authentication-Results header can easily abuse SPF records by having
these misapplied against PRAs defined by Sender-ID, how would one
ensure more than just MailFrom is constrained?  What steps would you

