-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Michael Deutschmann wrote:
I think the approach to dealing with forwarders needs to change. In
particular, I think we should sideline SRS and work on some kind of SMTP
extension to make forwarder whitelisting easier.
Specifically, I'd like to see an ESMTP extension where a sender can say
"I'm a forwarder, the recipient knows me as X and trusts me, so don't
SPF-check this message". X would be an identity that the recipient MTA
would check against a whitelist, and it would contain a domain so the
sender IP's right to claim that identity could be verified using
SPF-like DNS records.
This alternative approach to solving the forwarding problem, other than
SRS, has been known for a long time. The you-missing-it thing is probably
due to the website not pointing it out very well. ;-)
However, ...
Unlike SRS, which places significant burdens on the forwarder, this
would only require a software upgrade.
... what, besides a software upgrade (even in a more central place), does
SRS require?
Anyway, I agree that the alternative approach you describe is more likely
to be deployed "soon enough" than SRS is. (SRS may still be required for
forwarders that aren't trustworthy enough for recipients to white-list
them, though.)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFphlDwL7PKlBZWjsRAoW6AJ4gacBDS/h7bHh0owiPmBMrbeYz3QCfe73U
AGH5zBqB6UBQmcq3KQZ/odE=
=4751
-----END PGP SIGNATURE-----
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735