Scott Kitterman wrote:
Don't both these proposals amount to "forwarders" saying
"trust me I'm a forwarder - you can just skip rejecting
SPF Fail mail from me"? Wouldn't anyone trying to forge
mail and "beat" SPF claim to be a forwarder?
The only entity that can reliably identify a forwarder is
the receiver that establishes the forwarding relationship.
+1 wrt Julian's proposal (I didn't check the revised TENBOX).
We discussed op=meng (renamed to op=trust) back in 2005, and
I dropped it as useless later: Of course "final receivers"
can whitelist "traditional forwarders" based on a HELO PASS
if the forwarder offers it. But they don't need a modifier
or option for this piece of "receiver policy" magic. Plain
RFC 4408 SPF will do for this purpose.
Frank
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
http://v2.listbox.com/member/?member_id=2183229&id_secret=83615932-da10cc
Powered by Listbox: http://www.listbox.com