On Tue, 12 Apr 2005, Radu Hociung wrote:
I think you hit the nail on the head. Some common way for the recipient
to know which of (CSV, SPF, DomainKeys, etc, etc) is available would be
nice. Otherwise, the recipient is left "hunting", ie, searching all
places it knows about, on DNS or wherever. I'd be willing to allow the
recipient to make the choice of which of the available methods it will
use, and in what order, under the MSMR rule (my server, my rules) :)
I liked the proposals to advertise other authentications in the SPF
record via modifiers. E.g. dk=... ses=...
Even if the maintainers of the other protocols don't like it, it
doesn't hurt to put them in the SPF record. For those recipients that
check SPF first, you have a nice one stop list (when provided by the
sender).
IMO, checking MAIL FROM is the foundation before checking 2822 and
other identities, so putting the pointers to 2822 checks in SPF makes sense.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.