spf-discuss
[Top] [All Lists]

Re: Recipient Rewriting Scheme

2005-08-18 11:45:11
On Thu, 18 Aug 2005, Alex van den Bogaerdt wrote:

On Wed, Aug 17, 2005 at 11:08:27PM -0400, Stuart D. Gathman wrote:

RRS=IHBf67rW=blockbuster(_dot_)com=user(_at_)example(_dot_)com

this is RCPT TO, not MAIL FROM.  I think I got confused there.

Looks promising.

Good.  Now getting started on implementing it, the wrinkle is that
there are multiple recipients.  Once I allow the MAIL FROM,
I have to ACCEPT or REJECT each recipient in turn.  I suppose this
is just a matter of caching the main SPF result when encountering
the first non-RRS recipient.  Each RRS recipient would then cause a new SPF
lookup. 

So the draw back of factoring the recipient into an SPF receiver policy 
is that you have to go through all the recipients before you are
done with the connection.  Some of these spammers attempt hundreds
of random recipients on a MAIL FROM, hunting for one that works.
REJECTing on MAIL FROM gets rid of the pests a lot sooner.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.


<Prev in Thread] Current Thread [Next in Thread>