On Tuesday 03 February 2004 2:00 pm, Hallam-Baker, Phillip wrote:
The client queries will almost certainly break because most
companies will not allow inetd queries.
Then they should not configure their domains with %{u} !!!
They will not be able to read email from a domain that uses the macro.
If they block out going DNS queries they will not be able to read mail either.
Whoose fault would that be?
The effect that you are trying to achieve here is to only allow one process
to send mail from a machine. That can be achieved far more easily by O/S
level configuration. Simply block permission to connect to port 25 outgoing
to any process other than the mail server process.
No, that would block all outgoing mail from user hosts behind the gateway
and/or user processes.
SPF is supposed to be more selective than that, by authorizing clients on a
per-domain basis.
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.5.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#�«Mo\¯HÝÜîU;±¤Ö¤Íµø�?¡