From: Andriy G. Tereshchenko
Sent: Thursday, July 15, 2004 3:11 AM
[Seth Goodman]
This implies that you _don't_ have an ISP in Singapore. If
that is the
case, then any ISP in Singapore that accepts your outgoing
message when
you are not a customer _is_ operating an open relay. If
you _do_ have a
Singapore ISP, why don't you just declare their MTA in your
SPF record?
I don't see what the problem is.
My Singapore hotel provide me internet connectivity for
duration of my stay.
I do not see any reasons to update SPF for mycompany.com (think about
microsoft.com ;-)
domain and include data about entire mail-routing arhitecture
used by my hotel, hotel ISP and ISP of hotel ISP.
That the problem is unknown to most people, does not mean
that it does not exist
OK, then you don't have a Singapore ISP to delegate in your SPF record,
you merely have a temporary guest account at one as a result of renting
a hotel room. This is a common scenario that we have discussed. You
need to either use SMTP AUTH to submit the message to your real ISP or
company SMTP server, use a VPN client to connect to your domain network,
or use web mail. While SMTP AUTH or VPN are better since you get to use
your normal mail client, web mail is always a fallback.
Personally, I dislike DK because in order to reject during the SMTP
session, the recipient MTA has to do public key crypto
after receiving
the entire message, which is doubly expensive.
This can be possibly changed in some-way.
It needs to.
--
Seth Goodman