spf-discuss
[Top] [All Lists]

Re: [spf-discuss] Re: RPF explanation and examples

2006-11-15 16:21:30
On Wed, 15 Nov 2006, K.J. Petrie wrote:

On Wednesday 15 November 2006 20:37, Julian Mehnle wrote:
Stuart D. Gathman wrote:
You wouldn't.  However, your 3rd party imap provider won't know your
local rules.  RPF is a way to communicate your local rules to your 3rd
party imap provider.

I think this kind of public disclosure is a security problem.
Yes, one reason I abandoned my RPF suggestion.

Another way would be for the imap provider to create a web application
allowing you to login and enter your rules.

There are lots of better ways to automate this that don't imply public
disclosure of your personal policies.
And we don't need to lay down how they do it, as long as they realise they 
should.

And there, we are all on the same page, and in agreement!  So we
need a to make sure that "mail providers need to let users enter
SPF policy" makes it to the best practices page.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to http://v2.listbox.com/member/?list_id=735