--On Mittwoch, Februar 04, 2004 19:48:55 +0000 Dan Boresjo
<dan(_at_)boresjo(_dot_)demon(_dot_)co(_dot_)uk> wrote:
Of course the main advantage of SF is the ability to reject during the
SMTP dialogue, but in a larger setup it is nice if you can distribute
different functions to different servers (MX, virus scanner, spam
analyzer, SPF) which using ident in SPF would hinder (only a little
bit, but it is a matter of principle).
Does ident prevent this?
Yes.
AFAIK all you need is the port number and ident
will give you the account name attached to it.
You have to give a pair of <clientport, serverport>, the ident-lookup
has to be made from one of these hosts while the original connection
still exists.
So you could theoretically delegate SPF checking to a dedicated server
but this dedicated system could not make any ident lookups for
connections terminating on one of the MXes.
Defining the %u macro would block any separation of SPF checking from
the receiving machine.
Ralf
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.5.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname(_at_)©#�«Mo\¯HÝÜîU;±¤Ö¤Íµø�?¡