On Mon, 13 Nov 2006, Stuart D. Gathman wrote:
The idea is that the 3rd party mail store checks SPF on all
incoming mail - modified according to a "v=rpf1" record which is
checked first. RPF records are evaluated just like SPF, using the
MAIL FROM domain for evaluation, not the RCPT TO domain used to fetch
the RPF record. An RPF pass means to accept the message and SKIP SPF
checking.
Correction, the RPF record should be evaluated with the RCPT TO domain, but
the %{s} macro containing the MAIL FROM. Like include, but with
different responses to the SPF result.
Example 3: local domain blacklist
Example.com maintains a list of domains they wish to reject all mail
from in DNS.
example.com TXT "v=rpf1 -exists:%{s}.blacklist.%{d}"
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735