On Wed, 2004-11-10 at 17:50 +0100, David wrote:
Hi !!
I suggest you sign up for the SES-DEVEL list and share whatever thoughts
you have. I'm trying not to drag SES into discussion on this list
because its not appropriate.
Well, there is a point where ses needs spf and as ses could also be
a replacement for srs, i feel that list is also apropiate for ses,
at least for the part of ses that relates to spf and srs.
The others (Seth, Roger, Tony, Stuart, etc..) can chime in here, but I
believe all that is of value at this time is to have published within
the next SPF RFC Draft the presence of an SES modifier.
i think in that case will be more elegant to have a ses mechanism
rather than a ses modifier, but maybe it will break current
implementations (or will force current implementations to support ses)
I disagree. That means everyone has to upgrade their MTA's with new SPF
parsing clients. The idea is to capitalize and aide those who have
already deployed without muddling the water.
This is why the spec contains multiple methods of obtaining the
validation server. The way we recommend is the UDP callback which is
the cheapest and fastest method (and has an added security measure to
ensure its not easily mucked with).
If you are already publishing SPF and want SES, you have the option of
doing so by using your existing SPF record. There is a negative to this
however, as to use SES, you now require an SPF parser.
There are also the hybrid DNS servers which although I do not agree with
given the exceptionally embarrassing reputation named has for example,
but futhermore, official patches making it into named fall into the 'fat
chance in hell' category. The UDP validation service makes the most
sense (and is capable of TCP too).
Lastly we have the SMTP callback which will allow someone unwilling to
use or untrusting of the UDP validation service or the SPF method of
obtaining such to move long without problem (allbeit at a higher cost
given the overhead of an SMTP callback).
I personally anticipate strong adoption of the UDP/TCP validation
service which can run in/on/around the MTA or anywyere you want it to
provided it can communicate with the MTA in some way shape or form your
golden. And we have also deliberated and given much consideration to
large clusters of mail servers, and although originally arriving at a
technically complex yet possible solution, it ultimately (Roger's help
was exceptionally helpful here) led to the very simple and powerful
solution we have arrived at now.
Cheers,
James
--
James Couzens,
Programmer
( ( (
((__)) __\|/__ __|-|__ '. ___ .'
(00) (o o) (0~0) ' (> <) '
---nn-(o__o)-nn---ooO--(_)--Ooo--ooO--(_)--Ooo---ooO--(_)--Ooo---
http://libspf.org -- ANSI C Sender Policy Framework library
http://libsrs.org -- ANSI C Sender Rewriting Scheme library
-----------------------------------------------------------------
PGP: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x7A7C7DCF
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta features
SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
signature.asc
Description: This is a digitally signed message part