spf-discuss
[Top] [All Lists]

Re: Re: SPF implementations

2005-08-15 12:07:37
On Mon, 15 Aug 2005, Frank Ellermann wrote:

P.S.: 26 new "misdirected" bounces while I typed this article.

[Assuming by bounce you mean a DSN with MAIL FROM = <>]

You need to use self-signing SRS or old SES to discard those
misdirected bounces.  I've gotten 200 since yesterday, but I had
to grep the log to count them.  Old SES doesn't compute a body hash,
and is useful as an improvement over self-signed SRS for blocking
bounce spam.  

[New SES is an alternative to DKIM where you query the sender to validate
a hash code instead of fetching a public key and validating a signed
hash code.  Unlike DKIM, it can stop most forgeries before SMTP DATA.
Like DKIM, it suffers from body hash limitations.]

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.


<Prev in Thread] Current Thread [Next in Thread>