-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Michael Deutschmann wrote:
On Sun, 28 Jan 2007, you wrote:
(That's because I seem to have missed it. Can you point me to the
message where you originally made that suggestion?)
It's:
Date: Mon, 15 Jan 2007 16:45:16 -0800 (PST)
From: Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>
Subject: Re: [spf-discuss] Re: The forwarder's perspective
Message-ID: <%y2BrFx0fj(_at_)khar-pern(_dot_)talamasca(_dot_)ocis(_dot_)net>
Oh, that. I still have that message of yours in my inbox marked as
"unread" because I haven't found the time yet to think it through
completely. Will do soon.
When you say "mark forwards with a forgery-proof token the recipient
can whitelist", do you really mean some kind of mark that gets applied
to every message during forwarding? I don't think that would fly. If
it
It would be an extra argument to MAIL FROM: during the transaction
between the forwarder and one of the recipient's border MXs.
Well, I got _that_ idea of yours. It, too, has a problem, albeit a
different one. Who stops spammers (or other abusers) from offering the
same token in their MAIL FROM command? You'd again need some kind of
authentication mechanism (similar to SPF, but separate) to determine
whether the use of the white-listing token is legitimate. Or, if the
token was a cryptographic signature, it wouldn't be any different from SES
(or DKIM, if it covers the message header and/or body).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFvUsOwL7PKlBZWjsRAkiSAJwOwnfjRm+JItczVSYeTq6WheZrjwCgwlHy
XFwc/7l8oysmcdc0ub/W8mo=
=fnJy
-----END PGP SIGNATURE-----
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735