On Wed, Jul 28, 2004 at 06:48:26AM -0700, rogerk(_at_)queernet(_dot_)org wrote:
Quoting John Keown <jdk(_at_)nni(_dot_)com>:
As I have said I cannot think of a valid requirement to have an overly broad
spf record. There are many ways around this.
Then name one, addressing exactly the scenario I gave you:
- User can only connect to their provider or employer's SMTP server
- User wishes to send mail *from* their private or non-profit's domain we
host,
with the envelope sender AND From: header reflecting that
some appropriate remailing setup.. come on.. i'm sure you can work something
out... have them put a special password in the subject line, and remail only
if it is there..
sure, no pgp encryption and the password can be hijcaked.. at least it is
a lot better than +ip4:0.0.0.0/0
Koen
--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Send us money! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
pgpuQRX0dg8Rh.pgp
Description: PGP signature