...... Original Message .......
On Fri, 19 Aug 2005 14:19:18 -0500 "Seth Goodman"
<sethg(_at_)GoodmanAssociates(_dot_)com> wrote:
From: Dick St.Peters [mailto:stpeters(_at_)NetHeaven(_dot_)com]
Sent: Thursday, August 18, 2005 2:32 PM
Graham Murray writes:
<...>
So I envision something like this: first, use v=spf1 to check the MAIL
FROM, then use spf2.0/pra to check the "i=" tag if present or the M$
PRA if not, then use DKIM to classify the signature verification
state. All that remains then is specifying a matrix of what to do
with all the results.
I probably better duck ...
Not at all, this is a good thing to discuss. You've presented a big
picture
for mail validation, something that often gets lost.
Yes. This is the work that I think needs to be done next.
Protocols that operate in the domain of the envelope (e.g. SPF or CSV) come
before protocols that operate on the body (e.g. SID or DKIM). In the
larger scheme of thing I can see SPF records as a sort of a gatekeeper for
other methods.
I'm thinking of the periodically discussed op=dkim as the domain owner
asking receivers to check DKIM (go to DATA) and not reject an SPF Fail that
passes DKIM.
Scott K