At 03:40 AM 1/9/2008 +0000, Julian wrote:
No, you got both Michael and me wrong. Each of our proposals is merely
trying to establish a solid identity that receivers can actually PUT on
their forwarder whitelist. Of course receivers still have to explicitly
do that themselves.
With "i-am=", I can put "HELO=forwarder.org" on my whitelist, even if the
forwarder doesn't use that identity directly in their HELOs. Currently I
cannot do that, but I'd rather have to list all their individual HELOs
(which are bound to change over time).
"i-am=" is merely an out-of-band reformulation of Michael's in-band (SMTP
extension) idea for transmitting an additional identity.
The SMTP extension could be done in a way that is not tied to SPF (and thus not
as likely to generate opposition from the IETF or lack of support by advocates
of other methods).
5. Example Using the ID
Here is a typical SMTP session using the ID command. C is the client
(sender). S is the server (receiver).
C: EHLO mailserver7.bigforwarder.com
S: 250-host.com, welcome
S: 250-SIZE ETRN
S: 250-AUTH LOGIN ID
S: 250 HELP
C: ID bigforwarder.com
S: 250 ... Sender validation pending. Continue.
C: MAIL FROM:<bob(_at_)sales(_dot_)some-company(_dot_)com>
S: 250 Ok
The ID identifies the entity assuming responsibility for the messages which
follow in that session. Some additional restrictions (like requiring a valid,
registered domain name) might encourage senders to minimize the number of IDs
they use, but for legitimate senders anyway, there should be adequate incentive
in the desire to build a less fragile reputation.
-- Dave
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
http://v2.listbox.com/member/?member_id=2183229&id_secret=84135809-035803
Powered by Listbox: http://www.listbox.com