On Sat, 14 Feb 2004, Mark wrote:
SRS-signing outgoing messages is easily implemented an ISP. And as soon as
they have done that, they can configure their inbound MTA to reject
incoming bounces which are not to SRS-signed addresses.
Brilliant! I really like this idea.
There is only one problem with it: in new SRS format, using = instead of +,
it cannot be used in a Milter. :( Because even when you SMFIS_ACCEPT an SRS
address at envrcpt_callback, the SRS recipent will fall thru to sendmail,
who will reject it after all:
550 5.1.1 <SRS0=o8XU=Cu=asarian-host.net@'ÛadÑþ[y>... User unknown
That could have elegantly been solved, using a trick with sendmail's
"plussed users" capability, where I would create a dummy alias like this:
SRS0+*: dummy(_at_)test(_dot_)com
Which would make all SRS0+ addresses valid to sendmail (reject would occur
at the Milter). The + sign after the SRS alias just happened to coincide
with sendmail's plussed user functionality. It would have been a wonderful
solution. Alas; now that Shevek changed the spec to "SRS0=", none of this
will work any more. ;(
I thought you could specify OperatorChars in sendmail.
Anyway, this point has been raised a few times, and we have addressed it.
You will be glad to know that version 0.19 will permit you to specify the
initial character of your SRS addresses, therefore this feature will once
again become available.
[Unfortunately I forgot a para in the documentation in the latest upload,
v0.19, which contains this feature. However, hopefully it's obvious, and
the para will be in v0.20 probably tomorrow.]
S.
--
Shevek http://www.anarres.org/
I am the Borg. http://www.gothnicity.org/