On Tue, 15 Jan 2008, David MacQuigg wrote:
The essential information in the form would be the Forwarder's domain
name, its authorized transmitter addresses, and the recipient's forwarding
address. '''STANDARD FORWARDING REQUEST \n To: _yahoo.com_ \n From:
__box67.com_ \n IP addresses: _see our SPF record_ \n Recipient
_dmacquig(_at_)yahoo(_dot_)com_ has asked us to forward all his mail to his
new
address in your domain. Please let us know when we may begin.''' Assuming
Yahoo confirms the request with its Recipient, this procedure seems
airtight, i.e. no way a spammer can abuse it.
That's what TENBOX/O would be. I haven't elucidated it further because
it's better to get TENBOX/E settled first. TENBOX/E alone can at least be
used reliably on it's own by the power users who can manually key in a
pseudo-address to whitelist.
TENBOX/O could in theory be used alone, but only by mailing lists that do
not VERP and forwarders that always Sham-SRS to the same MAIL FROM.
(For those who forget:
TENBOX/E = authEntication component of the TENBOX solution
TENBOX/O = authOrization component of the TENBOX solution
)
Don't forget http://trusted-forwarder.org/ and Michael's TENBOX
proposal. We could also add a "Standard Forwarding Request" form, but I
haven't given it any more thought than just what I've written above.
He didn't forget it. TENBOX/E *is* the AUTH-parameter approach.
TENBOX/O (the standard-request-form) is not a competitor but just a
user-friendly interface to TENBOX/E.
---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
http://v2.listbox.com/member/?member_id=2183229&id_secret=86291364-5431e0
Powered by Listbox: http://www.listbox.com