In <5B734AC36BC9714EB88451E6E2F043B1155EC3(_at_)alaia01(_dot_)alaia(_dot_)net>
Marc Alaia <marc(_at_)alaia(_dot_)net> writes:
Because I can buy server-side or even client-side software to process spam
in my Exchange/Outlook environment.
I'm not a MicroSoft user, so my knowledge is pretty sketchy. However,
I seem to recall some discussions about this a while back and I seem
to recall that you *could* put SPF into MS-Exchange. It isn't as
simple as other MTAs, but it can be done.
I've also heard that running MS-Exchange as your link to the outside
world is A Bad Idea. Instead, you should run something like
sendmail/postfix/exim/whatever and then relay the email through your
firewall/DMZ to your MS-Exchange server. Again, I don't have a lot of
firsthand knowledge about this issue, it is hear-say.
And I don't see Microsoft modifying
their Internet Mail Connector to include SPF at SMTP time. Not in the next
10 years anyway.
Stranger things *have* happened....
Again, all that I'm saying is to keep the decision regarding when to process
SPF out of the specification. I have reviewed the web site and admittedly,
I can't find anything that says the SPF check must be done at SMTP time, but
the prevailing sentiment on this list is decidedly so....
I agree with you that we should keep the decision about when SPF
should be used out of the spec. SpamAssassin, which usually runs
after the SMTP session, has long been involved in SPF, so no one has
said that you *must* do SMTP time checking. However, I also think
that it is important to be *able* to do the SPF check before the SMTP
DATA command.
-wayne
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#�«Mo\¯HÝÜîU;±¤Ö¤Íµø�?¡