spf-discuss
[Top] [All Lists]

Re: making the policy decision: leveraging HTTPS

2004-06-20 20:04:00
On Sun, Jun 20, 2004 at 06:08:27PM -0700, Matthew Elvey wrote:
 given DOMAIN, attempt to connect to https://www.DOMAIN/.
I would use RHS lists that used this as a key factor in their 
reputation-assigning algorithms, such as one that assumed that such 
domains were sources of ham until proven otherwise, because certs cost a 
lot.
I would NOT like to see SPF code checking this directly.  That's a very 
bad idea, when the use of RHS lists is so much easier and more appropriate.
The reputation service can do the check the first time it's asked about 
a domain, and then once a day, perhaps.  Creating and tearing down an 
SSH connnection for each message is nuts.

Proposing that a mail sender must ALSO setup and run a Web-server is rediculous!
I have many domains that send and receive mail but do not have, are not
intended to have and will not have HTTP based services.


-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Send us money!  http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your 
subscription, please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

-- 
-=[L]=-