On Saturday 05 January 2008 12:15, David Woodhouse wrote:
On Sat, 2008-01-05 at 09:47 -0700, Edmig wrote:
But it does have to correlate with the IP address used by the sending
host. Which raises the question again - why not just use the HELO
name to authenticate an incoming IP address?
No reason. See http://mipassoc.org/csv/
Works just as well as SPF, giving you an authenticated label which you
can use in your reputation database. And without the brokenness.
If you want an authenticated label based on HELO you can equally use SPF HELO
checks. Compared to CSV it has the overwhelming advantage of having records
deployed in more than a trivial number of domains.
The CSV drafts are, last I checked, expired, and it appears that their authors
have given up on the concept.
Scott K
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
http://v2.listbox.com/member/?member_id=2183229&id_secret=82196783-0d27ed
Powered by Listbox: http://www.listbox.com