On Mon, Jul 12, 2004 at 11:02:11AM -0700, Waitman C Gobble II wrote:
|
| But my current SPF implementation 550's the email before DATA. At the
| moment it only cares about fail and pass. If it makes it through other
| checks (RBL, etc) but SPF is set up for the domain and the host is not
| authorized, it 550's. If it fails the other checks but SPF says "pass"
| it lets it go through. That is working for me so far. If SPF isn't set
| up for the domain, then this check is diregarded. I am not currently
| considering the grey-area responses in my scheme.
If you're doing the above, you're just checking the
Return-Path. The instructions to senders of web-generated
email say they need to change the Return-Path.
| But the Sender: header means i have to do DATA no matter what and then
| check the message, right? Not my favorite!
If the return-path checks out, you don't need to look at the
headers. The SUBMITTER extension will make it so that you
never need to look at the headers, when that's all
deployed. It's coming soon to an MTA near you.