Meng Weng Wong wrote:
On Mon, Oct 27, 2003 at 11:23:33AM -0600, Dustin Trammell wrote:
Assuming you wait until they are all in the fold before changing
softdeny to deny, and since softdeny still delivers the email in
question and adds a Received-SPF header, could you not just parse
all incoming emails for this header and determine which were to be
denied based on the header?
sure, but why bother parsing all incoming emails when a
report-compatible client can just write to syslog for later grepping?
The only difference I see is who your relying upon to generate the
report. Parsing mail at your MTA for the Received-SPF header is
controlled by you, and will account for all (pre-sunrise) emails that
would be denied. By relying on the report directive, you are expecting
third parties that perform the SPF checks to generate the report, and
send it to you. I'm not saying that most implementations won't, but
there will be a few, and those will be emails that you will not be aware
of.
---
Dustin D. Trammell
Vulnerability Remediation Alchemist
Citadel Security Software, Inc.
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)½§Åv¼ð¦¾Øß´ë�ù1I�í-»F�qx(_dot_)com