On Wed, 9 Jan 2008, Julian Mehnle wrote:
No, you got both Michael and me wrong. Each of our proposals is merely
trying to establish a solid identity that receivers can actually PUT on
their forwarder whitelist. Of course receivers still have to explicitly
do that themselves.
Just whitelist the SPF domain of the forwarder. This is the domain they
*would* have used *if* they did SRS (even though they don't). If they don't
publish an SPF record, I make a local one with my guesses of their IPs (or
just don't use them as a forwarder). Of course, if they *do* use SRS,
then the problem of what to whitelist is solved.
Since you don't immediately know the forwarder domain of a non-SRS
forwarder, you have to search. A simple linear search is inefficient
when the list is large. So, a hint as to what the forwarder domain
might be would be easier than tricky programming to efficiently search
the forwarder list given an IP (convert each SPF record to a set
of IPs and search those). But if the forwarder is nice enough to do that,
why not just use SRS? Also, ENVID could contain the hint, as someone
suggested.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
http://v2.listbox.com/member/?member_id=2183229&id_secret=83596623-2ec67b
Powered by Listbox: http://www.listbox.com