-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of
Michael Hammer
Sent: woensdag 24 november 2004 14:23
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] SPF lookup with intermediate ISP mail relay
On Wed, 24 Nov 2004 08:57:17 GMT, Mark <admin(_at_)asarian-host(_dot_)net>
wrote:
I understand what you're trying to do, and why; but
perusing the headers for Received: headers is, in the case of SPF,
somewhat questionable. The beauty of doing SPF at the SMTP dialogue
level, is that the connecting IP address, for all purposes and intent,
is a trustworthy entity (see earlier posts about the difficulty of
hijacking a TCP/IP connection). You lose that certainty with (unsigned)
headers.
Mark, I'm going to have to quibble with you about the connecting IP
being a "trustworthy entity". A more appropriate phrasing would be "a
knowable entity".
Perhaps an even better phrasing would be "certified entity" -- trustworthy
with regard to its claimed identity. In plain English: you can trust the
connecting IP address to be what it says it is. Not 'trustworthy' in the
sense how, say, a reputation service would define the term (it could very
well also be trustworthy in that way, but that is beside the point).
- Mark
System Administrator Asarian-host.org
---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx