Scott Kitterman wrote:
Is there enough SRS in the wild today to make the big bank
phishing target really care?
No idea. The SRS article on Wikipedia was a disgrace, it had
a {{context}} and a {{tech-stub}} attached to it. I've just
removed both after adding some technical SMTP background...
http://en.wikipedia.org/wiki/Sender_Rewriting_Scheme
...but nothing so far on what SRS actually does ;-)
I think the DKIM modifier is the best one and DKIM isn't far
enough along to really understand what it should do. We need
to think this one through in parallel.
After SPF got its RfC number - I misseed that it's already in
AUTH48 for two weeks. Where's Wayne, on the road trying to
find Meng ? <g>
Sanity check... no, your validator claims that "v=spf1
op=helo,nohelo" (with a comma) is "valid", in other words it
doesn't validate the op= as specified.
What result did you expect?
What I got, syntax for op= modifier not validated. Nobody has
implemented it yet. Maybe I'll submit it anyway as I-D later,
it's kind of risky if it only exists on my Web space.
The validator is a good little v=spf1 engine and properly
ignores modifiers it doesn't understand.
Sure, but if you'd support say op=auth (was op=scott <g>) then
you'd validate that there's comma in in the list of options.
op=nohelo in HELO tests shoukd be a fast showstopper.
Yes.
Triggered by a recent discussion here with Hector I looked into
the credits and version history of the op= draft again: And of
course op=helo used to be op=hector in the 1st op= draft... ;-)
Bye, Frank
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com