spf-discuss
[Top] [All Lists]

Re: [spf-discuss] Yet another attempt to fix forwarding

2008-02-05 23:10:10
On Tue, 5 Feb 2008, David MacQuigg wrote:
After hearing that, they will eventually modify their whitelisting
option, so it works with a domain name, not necessarily a full address.

That's not the right direction.

I don't understand what you mean.  What I was talking about is a very
[...]
yahoo.com.

Right direction -- extend things so that the end-user can add the
forwarding input address to their whitelist and things will Just Work.
Only SWK-SPF does this.

Wrong direction -- extend things so that the whitelist can hold
non-email-address tokens, like hostnames from rDNS or HELO.  This is
dangerous because whitelist entries to support a given forward may have no
obvious connection to the forwarding, tempting lusers to "garbage collect"
them out of their lists.

Experts can use such techniques, and often have to because their
forwarders have no support for anything safer, but it could get ugly if
people who are not 100% clued-in attempt them.

---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription: 
http://v2.listbox.com/member/?member_id=2183229&id_secret=94110742-1abed8
Powered by Listbox: http://www.listbox.com