-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Thanks guys,
I think I have a fuller understanding of PRA, and why it hasn't been
discussed much here now.
So if I get this right:
(PRA == mfrom) IFF run from the server or a client of a server that
provides sufficient trace information.
(PRA == From) for all cases where checked from the client with
insufficient information to do the above.
I say this as most of the Received-* headers are just ways to forward
mfrom and source IP.
Which, of course brings up the topic of forged Received-* headers, which
I suspect are the most difficult to detect in exactly the circumstances
where you are most dependent on them (client checks above).
I think a soft PRA record is the best anyone could do given the
information here. Received-* header forgery is even more rampant
than mfrom forgery, I rarely see spam without it.
- --
Daniel Taylor VP Operations Vocal Laboratories, Inc.
dtaylor(_at_)vocalabs(_dot_)com http://www.vocalabs.com/
(952)941-6580x203
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFC5UL58/QSptFdBtURAvPCAJ9t4ZPj4pxonkKTcqs6L/ZIYYwlXQCeOwiq
VlwKCyB4mpdldv6x0XKRx0Y=
=s7ue
-----END PGP SIGNATURE-----