On Thu, 11 Jan 2007, Julian Mehnle wrote:
This alternative approach to solving the forwarding problem, other than
SRS, has been known for a long time. The you-missing-it thing is
probably due to the website not pointing it out very well. ;-)
I forgot to mention that you don't actually need an ESMTP extension to do
that. You just have to go through all domains on your personal "trusted
forwarder" white-list, resolve their SPF records, and see if the sending
IP address is among _any_ of them. You don't even need an "SPF-like"
system -- SPF itself can very well be used for that.
(And of course you don't have to resolve all the SPF records on the fly for
every incoming message. You can cache them.)
Also, even if your forwarder doesn't have an SPF record (and you still insist
on using them despite being so forger friendly), you can keep a local database
of substitute "SPF" records that you figure out. For instance, pyspf has a
'delegation' feature to look for a substitute "SPF" record under a domain
somewhere when a real SPF record is not found.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735