On Sun, 18 Apr 2004, K.F.J. Martens wrote:
I'm new to this all. Where can I read more about SES. I did a few queries on
google, but so far I only found a few archived entries from this list.
Look at spf.pobox.com/srs.html
SES (Signed Envelope Sender) is another name for Universal SRS (Sender
Rewriting Scheme). The envfrom of all outgoing mail has a cryptographic
cookie added which has two benefits:
1) allows reject forged bounces because the return address does not have
a valid cookie
2) allow a mail recipient to do CBV (callback verification) to check whether
the envfrom is valid before accepting the mail.
#2 provides all the functionality of SPF - but is way more expensive for both
mail sender and recipient. However, SRS is required for SPF anyway, so
there is great benefit in doing all of them: SRS + SES + SPF.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Very few of our customers are going to have a pure Unix
or pure Windows environment." - Dennis Oldroyd, Microsoft Corporation