Re: review of the MS Caller-ID draft

spf-discuss

Re: review of the MS Caller-ID draft

2004-02-24 14:51:28

On Tue, 2004-02-24 at 15:44 -0600, wayne wrote:

Without checking the envelope-from, you can't safely bounce email.


Bouncing email should be avoided if at all possible. As you correctly
say, without checking the SMTP reverse-path, bouncing is unsafe (i.e.
contributes to collateral damage).

But you can still _reject_ at SMTP time, without having to trust the
SMTP reverse-path. That doesn't cause a bounce assuming you're talking
to the actual sender of the spam, and not some open relay or similarly
broken host.

Caller-ID and DomainKeys both need something like SPF or SRS+callbacks
to make them safe to use.


It should be safe to use them at SMTP time in the MTA, before accepting
the mail.

-- 
dwmw2

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
review of the MS Caller-ID draft, Meng Weng Wong Re: review of the MS Caller-ID draft, wayne Re: review of the MS Caller-ID draft, Meng Weng Wong Re: review of the MS Caller-ID draft, wayne MS-Caller-ID to SPF converter (cid2spf.pl), Ernesto Baschny Re: MS-Caller-ID to SPF converter (cid2spf.pl), Ernesto Baschny Re: MS-Caller-ID to SPF converter (cid2spf.pl), Ernesto Baschny Re: MS-Caller-ID to SPF converter (cid2spf.pl), wayne Re: MS-Caller-ID to SPF converter (cid2spf.pl), Ernesto Baschny Re: MS-Caller-ID to SPF converter (cid2spf.pl), Matt Sergeant Re: review of the MS Caller-ID draft, David Woodhouse <= Re: review of the MS Caller-ID draft, Meng Weng Wong Re: review of the MS Caller-ID draft, wayne Re: review of the MS Caller-ID draft, discussion-lists

Previous by Date:	Re: how to protect the HELO using SPF, wayne
Next by Date:	RE: Possible SPF machine-domain loophole???, Dustin D. Trammell
Previous by Thread:	Re: MS-Caller-ID to SPF converter (cid2spf.pl), Matt Sergeant
Next by Thread:	Re: review of the MS Caller-ID draft, Meng Weng Wong
Indexes:	[Date] [Thread] [Top] [All Lists]