spf-discuss
[Top] [All Lists]

[spf-discuss] Re: Header Order

2006-11-11 16:00:26
David MacQuigg wrote:

My assumption is based on the fact that "Received" is past tense.

Maybe, but also plausible is this:

I authenticate the HELO name first, then run additional checks
(SPF, DKIM, etc.) as required by the sender

For the "DKIM, etc." part you look _into_ the mail.  The classical
approach is that MTAs never need to do this, they just receive
lines of input from some socket, send replies to this socket, and
write received mails line by line into a file or similar device,
for further processing by a local mailer or forwarding.

With that classical approach they would first (after DATA) write
their timestamp line, and then receive the mail header and body,
appended to the output started with their own timestamp line.

SPF is pure classical SMTP, the MTA already has the result at the
time when the client says DATA, and therefore it can simply write
one or two Received-SPF before its timestamp (Received) before
the following data (received header + body).

If the output device is a file it would be a bad plan to insert
stuff at its begin after it has been otherwise completely received
and written (at the time of the dot).

On the other hand for your purposes, doing "DKIM, etc.", you have
to get at least the header before you know if it's a PRA PASS, for
DKIM you might also need the body (don't nail me if that's wrong),
and after that you can create Authentication-Results or similar.

The 2822-schemes are more expensive, no surprise.  But if you've
to insert Authentication-Results "somewhere" in the header anyway,
you can as well insert them at the top before your timestamp.

Frank


-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to http://v2.listbox.com/member/?list_id=735