At 01:51 PM 1/29/2007 -0600, Don Lee wrote:
Can someone provide a pointer to more information about what is outlined
here? I am not aware of a "reputation service" that works like this.
It's still in the works. http://open-mail.org/Registry.html
Also, its not a "reputation service", but a "clearinghouse" where
reputation and authentication data from other sources may be kept.
We do have a "stub" reputation service, which I am populating with my own
personal preferences as to which domains get A or B ratings, but I am not
suggesting others use it just yet. The plan is that we will accumulate
statistics on the ham/spam ratio for each domain, and from those
statistics, generate the domain ratings automatically.
You are welcome to participate in our beta testing, if you are as eager to
get started as I am, and can tolerate the usual lack of polish in an
unfinished product.
-- Dave
************************************************************ *
* David MacQuigg, PhD email: macquigg at open-mail.org * *
* President, Open-Mail dot org phone: USA 520-721-4583 * * *
* Postmaster, Box67 dot com * * *
* 9320 East Mikelyn Lane * * *
* http://purl.net/macquigg Tucson, Arizona 85710 *
************************************************************ *
>At 06:56 PM 1/27/2007 -0500, John A. Martin wrote:
>
>> >>>>> "David" == David MacQuigg
>> >>>>> "Re: SPF basics commentary"
>> >>>>> (Sat, 27 Jan 2007 14:00:56 -0700)
>>
>> David> For most SPF records, the HELO and Return Address
>> David> authorizations should be one and the same.
>>
>>Does that mean that the domain part of the address given in the MAIL
>>FROM should be the same as the FQDN used in the HELO command?
>
>No, just that the mailfrom domain match the last few parts of the
hostname in the HELO command. This still leaves a little confusion as to
how many parts to include when we look at a HELO name like
mx1.example.co.uk. (We haven't seen the MAIL FROM command yet.) What we
do is start by looking up the record for co.uk:
>$ dig txt co.uk.s-id.net +short
>"opt=IDlevel:3"
>This tells us that records in this domain are kept at level 3. A second
query then produces the desired result:
>$ dig txt example.co.uk.s-id.net +short
>"svc=S1:A,M2:A,H1:B ip4=192.168.0.0/24"
>This domain has ratings from three reputation services, and is
authorized to transmit from one block of IP addresses.
>
>-- Dave
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?list_id=735