On Mon, 29 Jan 2007, Julian Mehnle wrote:
This is an interesting insight into your personal reputation system. Thank
you!
However, shouldn't a reputation atom be qualified by more than just "SPF"
or "neutral" ("neutral" _what_?)? I'd think you'd at least require
<scope/identity-type>, <method-of-authentication>, <result-of-authenti-
cation>, e.g. "HELO", "SPF", "Pass"?
You missed the previous post. The qualifiers are currently:
if SPF pass:
domain:SPF
elif bestguess:
domain:GUESS
elif HELO SPF PASS or bestguess:
domain:HELO
elif SPF neutral:
domain:neutral
elif SPF softfail:
domain:softfail
elif valid non-dynamic rDNS:
1.2.3.4:IP
else:
REJECT the connection
I don't accept connections I can't assign reputation of some sort to.
I can work around clueless senders by adding local SPF records seen only
by my servers. There is an option used at a few clients to accept totally
id-less connections. Reputation acrues to the IP. IP reputation is not
very effective unless you are the size of AOL.
SPF means SPF pass. HELO bestguess means the HELO resolves to the
connect IP, and is as good as a pass.
The qualifier list can be expanded. There is no need now.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735