Things I would want to be able to do if I ran AOL....

If I ran AOL, then I would be interested in preventing the use of aol as 
source domain for spam. My problem is that I have lots of users and some 
of them send mail from anywhere, but the majority do not.
I also do not want to kill any legitimate mail.

How about something like:

* any user can send using aol's servers. This gets the majority of the mail

* Now lookup    %{u}.%{i}.spf.aol.com. Write some special code that says 
that anybody can send up to 100 messages per day per source IP address. 
Each IP address must not send more than 1000 messages per day anyway. 
Also, all users must be valid AOL users. When you respond with the 
record, give it a 10 second TTL. If the AOL user configures their 
account suitably (checks a checkbox), then give them a free ride.
This seems to implement a reasonable policy, but it requires some 
significant hackery in a custom DNS server. This makes it desirable that 
we have a sample implementation of a server processing module that could 
implement a policy like the above.
Philip

p.s. Yes, the signature is broken on my email, but it turns out that the 
mail forwarder changes my source email address (to the primary one that 
I registered, rather than the one that I use).
--
Philip Gladstone
* Check out the live pondcam at http://pond.gladstonefamily.net

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.6.txt
To unsubscribe, change your address, or temporarily deactivate your subscription, 
please go to http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡

smime.p7s
Description: S/MIME Cryptographic Signature