On Wed, 2004-07-21 at 18:02, David Beveridge wrote:
On Thursday Stuart wrote:
When you designate a server as '+', you are saying, "to the best of my
knowledge and ability, this server will never send forged email from this
domain."
Unless it's your own mail server you cannot say this. The plus means that
your mail comes from this server. It does not mean that all mail coming
from the server is from you.
I don't understand. Why can't I make this claim for servers I don't
own?
(I'm assuming that in the above you meant to say something like "It does
not mean that all mail coming from the server _and purporting to be from
you_ is from you", since obviously a reputable shared server will also
be sending non-forged mail from other domains too. :-) )
Let's say I have an awful ISP, and that I don't want to deal with
keeping up a mailserver myself, so I go to a reputable email service
provider to handle my domains email.
I believe that they don't allow cross-customer forgeries, (perhaps I've
tested this), I trust their security setup, and I've set things up with
them so that they don't allow other people to send mail purporting to be
from my domain.
What would prevent me from being able to use Stuart's wording and
honestly say, "to the best of my knowledge and ability, this server will
never send forged email from this domain"?
--
Mark Shewmaker
mark(_at_)primefactor(_dot_)com