On Thu, 10 Aug 2006 22:53:13 -0700 (PDT) "william(at)elan.net"
<william(_at_)elan(_dot_)net> wrote:
Later I did come up with way to "mix" SPF & MAIL FROM authorization
with signatures. The idea was to include name of the server doing
signing as part of the signature data and then do SPF authentication
against that name (i.e. resolve that name to ip address and check if
that ip address is allowed based on MAIL FROM - the answer should be
yes and this way it also bypasses direct SPF forwarding failures). But
this is not possible to do with DKIM as it does not include server name.
Doesn't DKIM include the ability to sign arbitrary header fields? If so, I
would imagine we could define a new X- header like X-SPF-Origin and senders
could sign it. As long as it's signed, I think that's as good as in the
signature...
Scott K
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com