Scott Kitterman wrote on Friday, April 06, 2007 11:20 AM -0500:
But then it still comes down to reputation.
Whether the recipient truly whitelists all of the forwarders content, or
the recipient still does content checks and tracks forwarder reputation
is a separate question. Whitelisting forwarders, and protocols to pass
forwarding domains, may only mean that they get another chance to
generate an SPF pass where the HELO and MAIL FROM do not pass.
Unless I have a whitelist of forwarders that I trust, it could
be any random forger using this protocol.
Not exactly. The random forger would need control of an IP that the
claimed forwarding domain lists in its SPF record. Making it per user
at the recipient would definitely make it less abusable, but it then is
the same effort as a recipient explicitly tracking all of its users
forwarding relationships. That is what tenbox or similar must address
to be useful. How would the tenbox system reduce the effort required by
recipient systems and their users to whitelist user forwarding
arrangements?
--
Seth Goodman
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735