-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of Hector
Santos
Sent: Thursday, September 30, 2004 1:49 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] Unified SPF Algorithm (was: moving on from
MARID)
Is it all possible to add SPF 2.0 provision for consideration of the most
important entity of the 2821 transaction? The forwarding address;
2821.RCPTTO?
If RCPTTO fails, then all your steps is all for nothing.
Sincerely,
Hector Santos, CTO
Santronics Software, Inc.
http://www.santronics.com
305-431-2846 Cell
305-248-3204 Office
Another point in favor of checking 2821.RCPTTO is for whitelisting. I
believe that in the end there is no non-cryptographic solution to the
"forwarding problem" that doesn't involve some degree of trust relationship
with the forwarder. Checking for a trust relationship (whitelisting) will
need to be done on a per user basis if it's going to work for large domains.
This can't be done until after you know who the user is.
Scott Kitterman