On Tuesday 03 February 2004 1:53 am, Philip Gladstone wrote:
My personal feeling is that this a bit out of scope for SPF. One of the
factors that worries me is that it requires that the filtering be done
in real-time. Currently, implementations using SPF can perform the
checks after the delivery has taken place. This would not be possible
with %{u}.
Ah! An excellent point. I have now heard two sensible objections. The other
one is the 'no tcp please' argument.
Well, if you know what the SPF record looks like at the time of receipt, you
can choose whether or not to gather an identd response (I think some SMTP
servers can already be configured to do this anyway).
If you don't know what the SPF record looks like at the time of receipt, how
do you know that the host was authorized at that time? You only know what the
SPF record looks like some time later, which may be completely different.
Bear in mind that one of the uses of exists and short-TTL responses may be to
authorize hosts on dynamic IP's, and you may be wrong in assuming that
implementations using SPF can perform the checks after the delivery has taken
place...
- Dan
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.5.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#�«Mo\¯HÝÜîU;±¤Ö¤Íµø�?¡