On Tue, Sep 06, 2005 at 05:55:21PM +0200, Alex van den Bogaerdt wrote:
On Tue, Sep 06, 2005 at 04:08:58PM +0100, paddy wrote:
On Tue, Sep 06, 2005 at 03:36:42PM +0200, Alex van den Bogaerdt wrote:
On Tue, Sep 06, 2005 at 12:09:46PM +0100, paddy wrote:
granted, but it does not replace the check of a ptr which has potential
to curb forgery the other way around.
What are you trying to prove? I think you are mixing up technologies.
Apologies if I came across a bit strong. I've never really stopped to
I am just asking a question: what is it that you are trying to prove. We
were talking about HELLO and SPF, you suddenly talk about ptr.
Alex, please accept my apologies. I just re-read the thread, and I realise
I have misunderstood and caused confusion at several turns. Thanks for
taking the time to explain.
In particular, what you were saying that a certain kind of spf check
obviates the need for even a hostname lookup, I get now, apologies for the
confusion.
I'm still surprised by what I take to be your interpretation of
"a primary hostname", but I wouldn't be all that surprised if you were right.
Sometimes you do not want a client to be able to connect to all
interfaces. You just return one ip-address (and probably have
a different name per interface).
so, as you say, you use different names.
I can see how this might cause practical difficulties if you have a
multi-homed host that insists on using the primary hostname for
multiple services, some of which you run on only some ports.
Throw in SSL certs for extra flavour.
I discounted this as breakage, rather than a good technical reason,
but I take your point about practicalities, and if you are a right
about the whole primary hostname thing then that probably settles it.
strongly suggests that there may be situations in which it is impossible
or undesirable to EHLO with a verifiable domainname (supporting a
legacy doesn't seem like a likely reason), but I've yet to see an
explanation
or example that I found compelling (but that may be just me being dense).
Look a couple of messages back.
This the primary hostname thing ?
Regards,
Paddy
--
Perl 6 will give you the big knob. -- Larry Wall
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com