Hi !!
Supose a new extension to SPF that specifies that the domain foo.com uses a
special coded envelope sender that has to be verified by a callout, i.e
if you get code=spf_ in the SPF record for foo.com:
- reject any envelope sender that does not begin with spf_
- if the envelope sender begins with spf_ then connect to any foo.com mx
server and check if the envelope sender exists (either by using VRFY or
by trying a RCPT TO using a null envelope sender)
Any foo.com outgoing email server that announces such this extension must
only use envelope senders that begins with the announced prefix when
sending locally generated mail (either true locally or from authenticated
users). When coding a envelope sender it should be able to reverse map
that coded envelope sender to the real envelope email address (just to be
able to deliver email to that user) and indentify the time when this
coding was produced. This way it could expire coded envelope senders.
This idea is just another 'cookie' based idea, it keeps the sense that the
envelope sender is the return path and takes advantage that the envelope
sender is only used by MTA's and not shown on MUA's. It will work with any
non SPF compliant MTA and will not break forwarding. SPF compliant MTA's will
only need to do sender rewriting (coding) and recipient check (decoding).
As far as I know this is not too complicated and, i.e, exim is capable of
this without any patching.
--
Best regards ...
Put on your seatbelt. I'm gonna try something new.
----------------------------------------------------------------
David Saez Padros http://www.ols.es
On-Line Services 2000 S.L. e-mail david(_at_)ols(_dot_)es
Pintor Vayreda 1 telf +34 902 50 29 75
08184 Palau-Solita i Plegamans movil +34 670 35 27 53
----------------------------------------------------------------
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡