spf-discuss
[Top] [All Lists]

Re: [spf-discuss] DKIM-SSP integration SPF

2006-08-10 22:55:39

On Thu, 10 Aug 2006, Hector Santos wrote:

DKIM-SSP as a payload concept will be added to the SMTP DATA LEVEL.   Other
systems will have post SMTP implementations.

The question, if any, is there relationship between SPF and DKIM-SSP? If so,
what is that?

It is not entirely clear to me what this relationship is right now.

Meng advocated just taking it as equal and having client authenticated
based on either SPF or DKIM. However I'm not sure he ever had clear
idea how it would look like beyond just talking about it and my view
is that such mixum is entirely bad idea because these are different
identities at different parts of email infrastracture.

Later I did come up with way to "mix" SPF & MAIL FROM authorization
with signatures. The idea was to include name of the server doing
signing as part of the signature data and then do SPF authentication
against that name (i.e. resolve that name to ip address and check if
that ip address is allowed based on MAIL FROM - the answer should be
yes and this way it also bypasses direct SPF forwarding failures). But this is not possible to do with DKIM as it does not include server name.

If you have some other ideas to discuss on how mail signatures can be mixed with SPF please do - this is correct list for such discussions.

--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription, please go to http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com