On Thu, 1 Sep 2005, Stuart D. Gathman wrote:
System Identity Method Type
CSA (CSV) HELO Connect IP
SPF MFROM,HELO Connect IP
SID PRA (Patented synthetic rfc2822 identity) Connect IP
DKIM Most RFC2822 headers Crypto (PK)
SES MFROM, Most RFC2822 headers Crypto (MD5)
I should add:
RFC2821 HELO Connect IP
Since simply conforming to RFC HELO requirements (FQDN that resolves to
connect IP) is a reasonable authentication. In fact, it is really all
that is needed - just track reputation of HELO names and reject the
invalid ones. Unfortunately, too many MTAs have bogus HELO names, making
rejecting on invalid HELO impractical. Hence the need for additional
mechanisms. Basically, CSV/CSA and SPF are a way for a domain to
say, "Hey, I'm *not* yet another completely clueless mail admin - it's
ok to reject bogus HELO for my domain (and bogus MFROM in the case of SPF)."
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com