At 11:17 PM 3/30/2005 -0500, Scott Kitterman wrote:
CSV only deals with HELO/EHLO. Since so many mail servers have a bogus
HELO/EHLO these days it's near term utility seems questionable.
Since the HELO domain is not used for much these days, that seems like the
ideal place for a mail server to declare its identity. Any server that
won't do at least that, is unlikely to participate in any authentication
protocol.
We need some way for the server to *declare* its identity in a way that
will override whatever method is used by the receiver. Maybe EHLO <domain>
*, with the * meaning "This is my real identity, not some nonsense you can
ignore in favor of some other name you find in the envelope or
headers." An explicit declaration is important. As any border guard will
tell you, we need to separate the dishonest from the merely incompetent.
-- Dave
************************************************************ *
* David MacQuigg, PhD email: dmquigg-spf at yahoo.com * *
* IC Design Engineer phone: USA 520-721-4583 * * *
* Analog Design Methodologies * * *
* 9320 East Mikelyn Lane * * *
* VRS Consulting, P.C. Tucson, Arizona 85710 *
************************************************************ *