On Thu, 16 Nov 2006, Jason LEWIS wrote:
What you describe RPF (Receiver Policy Framework) is nothing more than
taking your local mail filters and posting it in the DNS so the spammers
can see what MAIL FROMs you are blocking and which ones you are not. I
used to think this was a good idea, but now I agree with Julian: "I
think this kind of public disclosure is a security problem." For this
to work properly, you will need to implement this at the input to your
inbox, which is at your ESP's MTAs. If they can see who you're
blocking, so can the spammer.
I agree. I just wanted the idea to get a fair hearing. I would
probably prefer a webservices interface (provide policy in a structured
format to 3rd party using https with user+password). That is quickly
implemented, easily used by programs as well as humans, and can always
have a GUI built on top of it.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735