On Jan 14, 2004, at 8:45 PM, Rob Kaper wrote:
On Wed, Jan 14, 2004 at 11:17:49PM -0500, Meng Weng Wong wrote:
Message content outside the signed area should be discarded by the
receiving MTA.
Wouldn't it be sufficient to just sign a Message-ID/From combo, to
reduce
overhead? We're only interested in verifying sender identity here, not
entire messages.
Eh, you'll need a timestamp too and then have recipients reject mail
older than N hours. Otherwise it'd be easy to pick up some signed
Message-ID/From combos from a mailing list and use it to spam a billion
other addresses.
--
http://www.askbjoernhansen.com/
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡