On Fri, 6 Apr 2007, Frank Ellermann wrote:
If this AUTH=user(_at_)fwd(_dot_)example is almost the same as Stuart's
"pretend
MAIL FROM" we might talk about something that's really better than SRS,
so far I was only curious... :-)
It is the same as "pretend MAIL FROM", except that instead of trying
potential forwarders in a list, the forwarder tells you which domain
to validate. Much more efficient. The effect is similar to SRS,
but bounces go to the original sender instead of the forwarder.
There is no real need for a v=tenbox record. It was only proposed in case
the forwarder doesn't want to publish an SPF record for some reason, or
wants to publish a "v=spf1 -all" policy (perhaps because they never send mail
from their own domain, "fwd.example" in the example scenario).
That's from a forwarder's POV. From my POV as original sender I'm not
interested in any bounces for mail not sent by me, that's why I have
an SPF FAIL policy. Does TENBOX guarantee that forwarders reject any
SPF FAIL before trying their TENBOX forwarding magic ?
No, but only trusted forwarders would be on your list. And AUTH=
would only be accepted for forwarders on your list.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735