On Nov 29, 2004, at 9:40 PM, Hallam-Baker, Phillip wrote:
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of Seth
Goodman
the load is incoming, not outgoing, and you can't do
verification off-line and still reject during the SMTP
session. That is exactly the direction we don't want anyone to go.
Rejecting in the SMTP session is an unnecessary crock, particularly
for DK
since there is no way to complete validation until you have read the
last
byte of the message.
So? You can still reject after DATA. Think about it this way: why not
reject after DATA - it ends up costing you less resources in the long
run since you don't have to generate and attempt a DSN. That and a
failed DK signature is a decent indicator of a forged address, so an
out-of-band bounce is much less acceptable.
Pardon my intrusion on this fantasy, but not everything Yahoo
or Microsoft does is sensible or intelligent. They also have
very large budgets and there are political factors that can
outweigh the technical ones.
What you call political factors are known as 'customers' arround here.
Go troll somewhere else.
Seth's not a troll. It is very amusing though how anything a large
corporation does gets almost universal scorn around here. Especially
amusing in the case of Yahoo!, since they actively contribute back to a
number of open source communities.
George