spf-discuss

Re: revisiting the LocalPart mechanism

2003-10-27 08:19:38
My take on localpart is that it is mostly useful as a logging mechanism. If I (as an administrator) am trying to deploy SPF, then I will start out with softdeny (or even allow). Using localpart allows me to tell who is sending mail that would (in the future) be denied. For example, I might have:

   v=spf1 a ptr mx localpart default=softdeny

This would tell me (from my DNS logs) which users were sending mail from non-approved locations. I can then decide whether to add that location to the list or add an override for that user. In fact the current scheme doesn't (quite) allow me to associate the sending MTA with the user -- the two lookups are just close together in time.

An alternative approach might be to have a macro scheme -- e.g. lookup:%ri.%ru.%d and if this returns an address then the allow is taken (where %ri is reversed %i and %ru is reversed %u). The issue here is what to do when the lookup string gets too long........

This might subsume a bunch of other methods: rhs, localpart, the whitelist rhs.....

This mechanism also allows me to implement arbitrarily complex rules on the server side with a custom DNS server.

Philip

Meng Weng Wong wrote:

> The most vocal objections to SPF have come from power users who want to
> be able to send mail from their laptop anywhere they go.
>
> The LocalPart mechanism was introduced to mollify them.  Besides, it
> seems like a good idea in general.  However, I am reconsidering this
> mechanism for two reasons.


-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.txt
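
The `%ri.%ru.%d` lookup proposed in the message above, as an added example that is not part of the original post or of any SPF implementation. Assumptions: "reversed" means reversing dot-separated parts, the client address is IPv4, and an over-long name is shortened by dropping left-most labels (the rule the later SPF standard, RFC 7208, adopted for macro expansion; the thread itself leaves this open).

```python
MAX_NAME = 253   # longest domain name in dotted text form
MAX_LABEL = 63   # longest single DNS label


def reverse_labels(value):
    """Reverse dot-separated parts: '192.0.2.10' -> '10.2.0.192'."""
    return ".".join(reversed(value.split(".")))


def lookup_name(client_ip, sender):
    """Expand %ri.%ru.%d for an IPv4 client and an envelope sender.

    Returns (query_name, dropped), where dropped is the number of
    left-most labels removed to fit the DNS name length limit.
    """
    user, _, domain = sender.rpartition("@")
    if not user or not domain:
        raise ValueError("sender must be local-part@domain")

    name = ".".join(
        [reverse_labels(client_ip), reverse_labels(user), domain.rstrip(".")]
    )
    labels = name.split(".")

    # A label that is empty or longer than 63 octets cannot be sent in a
    # query at all, so refuse rather than silently mangle the local part.
    if any(not label or len(label) > MAX_LABEL for label in labels):
        raise ValueError("local part does not map to valid DNS labels")

    # Assumed policy (RFC 7208 style): drop left-most labels until the
    # name fits. The client IP goes first, so a truncated lookup no
    # longer ties the sending host to the user and should be logged.
    dropped = 0
    while len(".".join(labels)) > MAX_NAME:
        labels.pop(0)
        dropped += 1
    return ".".join(labels), dropped


if __name__ == "__main__":
    # Constructed sample values (documentation address and domain).
    print(lookup_name("192.0.2.10", "philip.jones@example.com"))
```

Because truncation removes the reversed IP before anything else, a custom DNS server answering these queries should treat a name without the four address labels as "no match" rather than as an allow.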