On Wed, 17 Aug 2005, Scott Kitterman wrote:
> I had been thinking along these lines too. The problem is that any
> proper mailing list will fail this test.

All the mailing lists I am subscribed to, including this one,
have Sender == MAIL FROM. This meets the proposed requirement.

> Most of the legit messages out of the remaining 20% are from mailing
> lists. I'm interested in input on other legit sources. The question is
> how to deal with this 20%.

Use Sender, as proposed.

> So I'm thinking that we invent a new modifier called 'from='. BTW, I
> think someone else has suggested this before, so I make no claim of
> originality here. The idea is that you look for an SPF record in the
> domain of the From:. If there is no record or if it's a regular SPF
> record, then you move on. If the record has a 'From=' modifier in it,
> then we know that the domain owner has made a statement that only
> messages that have a Mail From: == From: are legit. I would limit this
> to the domain part since that's what SPF is designed to do.

An opt-in modifier is a good idea. But from= doesn't cut it - it isn't
obvious that Sender could match also - and what should the argument be?

--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
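
The check discussed in this message, sketched as an added example that is not part of the original post or of any SPF implementation. It assumes the proposed `from=` modifier is detected by name only (the thread leaves its argument undefined, so `from=strict` is a placeholder), compares domain parts only, and uses constructed records and a constructed message; `check_from` and `allow_sender` are hypothetical names.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed SPF records; "from=strict" is a placeholder argument.
SPF_RECORDS = {
    "example.com": "v=spf1 mx from=strict -all",  # domain has opted in
    "example.org": "v=spf1 mx -all",              # regular SPF record
}

def domain_of(address):
    """Lower-cased domain part of an address or header value, or None."""
    addr = parseaddr(address or "")[1]
    return addr.rsplit("@", 1)[1].lower().rstrip(".") if "@" in addr else None

def has_from_modifier(record):
    """True when an SPF record carries the proposed from= modifier."""
    terms = (record or "").split()
    if not terms or terms[0].lower() != "v=spf1":
        return False
    return any(t.lower().startswith("from=") for t in terms[1:])

def check_from(raw_message, mail_from, lookup=SPF_RECORDS.get, allow_sender=True):
    """Return 'none' (From: domain has not opted in), 'pass' or 'fail'."""
    msg = message_from_string(raw_message)
    from_domain = domain_of(msg.get("From"))
    if from_domain is None or not has_from_modifier(lookup(from_domain)):
        return "none"  # no record, or a regular record: move on
    envelope_domain = domain_of(mail_from)
    if envelope_domain == from_domain:
        return "pass"  # MAIL FROM == From:, domain part only
    sender_domain = domain_of(msg.get("Sender"))
    if allow_sender and sender_domain is not None and sender_domain == envelope_domain:
        return "pass"  # mailing-list case: Sender == MAIL FROM
    return "fail"

LIST_MAIL = (  # constructed sample: a list re-sending a post from example.com
    "From: Alice <alice@example.com>\n"
    "Sender: owner-list@lists.example.net\n"
    "Subject: test\n\nbody\n"
)

if __name__ == "__main__":
    print(check_from(LIST_MAIL, "bounce@lists.example.net"))
    print(check_from(LIST_MAIL, "bounce@lists.example.net", allow_sender=False))
```

With `allow_sender=False` the function applies the From-only rule from the quoted proposal, under which the list message fails; with the default it also accepts Sender == MAIL FROM, as the reply suggests.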