-----Original Message-----
From: Frank Ellermann [mailto:nobody(_at_)xyzzy(_dot_)claranet(_dot_)de]
Sent: vrijdag 23 september 2005 13:21
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: [spf-discuss] Re: SPF and gateways
A second (non-technical) solution would be to adjust MX
records. Most outsourced AV is done by MX records being
changed to point to the AV gateway which then forwards to
the real mail server. You could introduce an additional
SPF gateway before the AV gateway
Yes, but then you have the opposite problem: Your MXs do
what you want, reject SPF FAIL, reject based on DNSBLs, etc.
(add CSV and MTAMARK here), then it relays the remaining
crap^Wmails to the AV-server. What happens if the AV-server
says "bad" ? How does it do that, do you see a "reject", or
does it silently DROP all identified mail worms (+ phishes),
or does it only tag this crap ?
Good point about the opposite problem. :) Fortunately, I believe it to be
good practice to just drop infected mail altogether, as I hold the belief
that a virus, or other malware, should never be reintroduced. or caused to
be reintroduced, into the mail stream again.
- Mark
System Administrator Asarian-host.org
---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com