spf-discuss

Re: A couple of thoughts

2004-02-14 13:14:54
----- Original Message -----
From: "Brian Candler" <B(_dot_)Candler(_at_)pobox(_dot_)com>
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Friday, February 13, 2004 4:34 PM
Subject: [spf-discuss] A couple of thoughts

The only solution I can see is the cryptographic signing of sender
addresses, for example in the way proposed in SRS, for *all* outgoing
mails (not just forwarded mails). An ideal place to do this would be on
the ISP's smarthost, as only the ISP knows the secret value used to
generate the crypto checksums which will be validated for incoming mails.
The smarthost function is "forwarding" of a sort anyway.

SRS-signing outgoing messages is easily implemented by an ISP. And as soon as
they have done that, they can configure their inbound MTA to reject
incoming bounces which are not to SRS-signed addresses.

Brilliant! I really like this idea.

There is only one problem with it: in new SRS format, using = instead of +,
it cannot be used in a Milter. :( Because even when you SMFIS_ACCEPT an SRS
address at envrcpt_callback, the SRS recipient will fall thru to sendmail,
who will reject it after all:

550 5.1.1 <SRS0=o8XU=Cu=asarian-host.net@'ÛadÑþ[y>... User unknown

That could have elegantly been solved, using a trick with sendmail's
"plussed users" capability, where I would create a dummy alias like this:

SRS0+*:    dummy@test.com

Which would make all SRS0+ addresses valid to sendmail (reject would occur
at the Milter). The + sign after the SRS alias just happened to coincide
with sendmail's plussed user functionality. It would have been a wonderful
solution. Alas; now that Shevek changed the spec to "SRS0=", none of this
will work any more. ;(

Bummer.

Maybe we would change it to "SRS0=+"; that would make it Milter processable
again. ;)

- Mark

        System Administrator Asarian-host.org

---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx
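
Added example, not part of the original message or of any SRS implementation: a sketch of the scheme discussed in this thread, where the smarthost signs every outgoing envelope sender and the inbound side accepts bounces only to addresses carrying a valid, fresh tag. The layout is SRS0-style (`SRS0=hash=timestamp=host=user`) but not byte-compatible with any SRS library; the secret, the domain `isp.example` and the 21-day lifetime are assumptions.

```python
import base64, hashlib, hmac, time

SECRET = b"constructed-demo-secret"   # assumption: known only to the ISP's MTAs
LOCAL_DOMAIN = "isp.example"          # assumption: placeholder domain
MAX_AGE_DAYS = 21                     # assumption: how long a bounce is accepted
B32 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"

def _stamp(now):
    day = int(now // 86400) % 1024    # 10-bit day counter -> two base32 chars
    return B32[day >> 5] + B32[day & 31]

def _tag(stamp, host, user):
    # HMAC over the lowercased fields, truncated to four base64 characters.
    msg = "=".join((stamp, host, user)).lower().encode()
    digest = hmac.new(SECRET, msg, hashlib.sha1).digest()
    return base64.b64encode(digest)[:4].decode()

def sign_sender(address, now=None):
    """Rewrite user@host to SRS0=HHHH=TT=host=user@LOCAL_DOMAIN."""
    now = time.time() if now is None else now
    user, host = address.rsplit("@", 1)
    stamp = _stamp(now)
    return f"SRS0={_tag(stamp, host, user)}={stamp}={host}={user}@{LOCAL_DOMAIN}"

def accept_bounce(rcpt, now=None):
    """Return the original sender for a valid signed recipient, else None."""
    now = time.time() if now is None else now
    local, _, domain = rcpt.rpartition("@")
    parts = local.split("=", 4)       # the user part may itself contain '='
    if domain.lower() != LOCAL_DOMAIN or len(parts) != 5 or parts[0].upper() != "SRS0":
        return None                   # unsigned recipient: reject the bounce
    _, tag, stamp, host, user = parts
    stamp = stamp.upper()
    if len(stamp) != 2 or any(c not in B32 for c in stamp):
        return None
    if not hmac.compare_digest(tag.encode(), _tag(stamp, host, user).encode()):
        return None                   # forged or altered address
    age = (int(now // 86400) - (B32.index(stamp[0]) << 5 | B32.index(stamp[1]))) % 1024
    return f"{user}@{host}" if age <= MAX_AGE_DAYS else None

if __name__ == "__main__":
    signed = sign_sender("mark@asarian-host.net")   # constructed sample sender
    print(signed, "->", accept_bounce(signed))
```

The truncated tag is case-sensitive, so this sketch assumes the local part reaches the check with its case intact.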