Re: using received headers to determine sending mta

spf-discuss

Re: using received headers to determine sending mta

2005-01-12 11:21:23

On Wed, 2005-01-12 at 18:54 +0100, jpinkerton wrote:

Sure - this method is only used after normal SPF checks don't produce
a Pass.  Recipients can choose how deeply they want to go through the
headers - bearing in mind that they can all be forged.


Actually I don't think this is really a problem. Remember, in the SPF
Brave New World every host will be capable of SRS anyway. 

It's just as easy for the sending MTA to fake the reverse-path by using
SRS, so it doesn't matter that your solution also allows it to fake
Received headers. SPF is only really about how much you trust the
sending mail server anyway.

-- 
dwmw2

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
using received headers to determine sending mta, Dan Field Re: using received headers to determine sending mta, Chris Haynes RE: using received headers to determine sending mta, Dan Field Re: using received headers to determine sending mta, Chris Haynes Re: using received headers to determine sending mta, Stephane Bortzmeyer RE: using received headers to determine sending mta, william(at)elan.net Re: using received headers to determine sending mta, Stephane Bortzmeyer Re: using received headers to determine sending mta, jpinkerton Re: using received headers to determine sending mta, David Woodhouse Re: using received headers to determine sending mta, jpinkerton Re: using received headers to determine sending mta, David Woodhouse <=

Previous by Date:	Re: using received headers to determine sending mta, Chris Haynes
Next by Date:	Re[2]: Is anyone else getting DoS'd by relay attacks?, Stuart D. Gathman
Previous by Thread:	Re: using received headers to determine sending mta, jpinkerton
Next by Thread:	libspf2 incorrectly handling certain queries, Rick Cooper
Indexes:	[Date] [Thread] [Top] [All Lists]