Is this cookie validation occuring during the incoming SMTP connection
(before DATA)? Could this open a DoS hole or lead to possible deadlocks?
Or should intermediate MTA's receive the entire message into a sequestered
queue for cookie validation before passing them along?
On Tue, 7 Oct 2003, David Saez wrote:
- If the dns lookup does not yield the ip address of the remote
party then the cookie has to be validated at the ip address
that results from the dns lookup. The validation is done via
smtp by connecting to the remote server and issuing the new
smtp command 'TEST COOKIE' using as the arguments to this
command the cookie id, the envelope sender and the ip address
of the remote host that used the cookie in the MAIL FROM
command. If the remote server validates the cookie the message
could be accepted, if the cookie is not validated the the
message could be rejected. If the remote server does not
announce itself as COOKIE capable then this check must be
skipped. Once the cookie has been validated, the remote server
must update it's records so the ip address of the host that
request the validation is associated with that cookie.
--
Andrew B. Sweger -- The great thing about multitasking is that several
things can go wrong at once.
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#�«Mo\¯HÝÜîU;±¤Ö¤Íµø�?¡