spf-discuss
[Top] [All Lists]

Re: Strictly my opinion

2004-03-06 10:57:38
In 
<3(_dot_)0(_dot_)6(_dot_)32(_dot_)20040306104244(_dot_)009983e0(_at_)mail(_dot_)yellowhead(_dot_)com>
 administrator(_at_)yellowhead(_dot_)com writes:

After examining Microsoft's CallerID proposal in more detail, it is my
opinion that any system which attempts to reject/return mail after the DATA
phase is inherantly flawed.

I won't go quite so far as to say that Caller-ID is inherantly flawed.

I think that we *MUST* validate the envelope-from so that bogus
bounces can be eliminated and that valid bounces have a much better
chance of being delivered.  I think that we also *SHOULD* try hard to
validate the From: header using some other system, such as Caller-ID
or DomainKeys or something.  I think the latter problem is much harder
in many ways, it may not ever be completely possible, and that a
validated envelope-from can play an important part in validating
the From: header.

So, I think both SPF and Caller-ID/DomainKeys are incomplete
solutions, but that SPF (or some designated sender system) is needed
first.


-wayne


<Prev in Thread] Current Thread [Next in Thread>