spf-discuss
[Top] [All Lists]

Re: overall HELO FAIL

2005-05-27 07:59:09
On Fri, 27 May 2005, Julian Mehnle wrote:

it appropriate.  Or, he may very well accept the transaction, e.g. to 
gather more information, or for statistics purposes.

For example, while I had been rejecting immediately after MAIL FROM on
SPF FAIL, I find that I often want to know who the email was to.
I could reject after the first recipient, or I could reject after DATA
(I already have a data_allowed flag) so that recipients are logged.

PS. I wonder if sendmail has an anti-pipelining feature that peeks
ahead on the socket and drops the connection if the sender is trying
to pipeline without permission.

If people are unsure about what a "failed authorization" can mean in the 
computer world, they probably need to learn about the "authorization" 
concept in general before going on with deploying SPF.

If people are unsure about the highly technical usage of the words in
the computer world, they should use different words so as to avoid
offending the jargon lawyers.  Based on my experience, I suspect that
reading up on the technical meaning of "authorization" will confuse
the heck out of them.  End admins just need to know that an SPF
fail is like a drivers license where the picture doesn't match.
And a PASS is like a valid drivers license.  Plenty of crimes are
commited while holding a valid license...

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.


<Prev in Thread] Current Thread [Next in Thread>