-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Stuart D. Gathman wrote:
On Fri, 8 Jul 2005, Julian Mehnle wrote:
That is not very useful, because the forwarder can have many MTAs -
all with different HELOs. And the set is subject to change.
Whitelisting can include wildcards, like *.mailout.forwarder.com or
even *.forwarder.com.
And SPF already has the machinery for that and more. Why not use it?
True, it is not a MAIL FROM identity, but it is a "virtual" MAIL FROM
identity - the one that would be used if MAIL FROM were rewritten.
I was talking about SPF checks of the HELO identity: 1. SPF-verify HELO
identity, 2. apply white-list against verified HELO identity, possibly
using wildcards (depending on the white-list entries). :-)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFCzsrRwL7PKlBZWjsRArlhAJ9L9njlXIauR9eVErujwulsfQl5kQCgmC2V
f5l2zbbvRyGVD0qsoq1m7TQ=
=nDhn
-----END PGP SIGNATURE-----