In <430A7158(_dot_)6D76(_at_)xyzzy(_dot_)claranet(_dot_)de> Frank Ellermann
<nobody(_at_)xyzzy(_dot_)claranet(_dot_)de> writes:
Mark Shewmaker wrote:
[limited reuse]
I just wanted to throw out the rough idea in time for it to
< be useful if it could at all help.)
Doesn't work, there are cases where you get an erroneous PASS
for PRA-on-spf1.
Uh, can you give an example where using the PRA on SPF records will
give an "erroneous PASS"? By "erroneous", I mean case where a domain
the domain owner determined by the PRA algorigthm is given a PASS when
it would not have PASSes if it was found in the return-path.
I can see cases where the PRA will give a pass when the domain owner
in the From: wouldn't want it to. (e.g. a phisher adding their own
domain to a resent-sender: header.)
I can see cases where the PRA will give a FAIL when the domain owner
wanted a PASS.
Of the top of my head, I can't think of case of the PRA giving an
erroneous PASS.
-wayne