On Mon, Feb 23, 2004 at 02:14:53PM -0500, Hector Santos wrote:
| Meng (or anyone else who wish to comment),
|
| Please correct me if I am wrong here, but I believe I found a loophole.
|
| Having added support for both DMP and SPF. The key difference seems to be
| DMP checks both; return path and machine domains, SPF only fallbacks to the
| machine domain when the return path domain is NULL.
|
| With DMP, the logic is to check for the return path domain first of a
| DENY=ALLOW/DENY and fallback to the machine domain for possible spoofing.
|
| With SPF, if I read the specs right, the logic is to check only the
| machine domain iff (if and only if) the return path domain is a null
| address.
Can you explain what you mean by
- "machine domain", and
- "check"
?