On Fri, 10 Jul 2009, alan wrote:
[ In response to Stuart D. Gathman's proposal ]
untrue:
example if a spammer has a bot infecting my home pc
ptr host244.freudenhaus.alandoherty.net
Re-read Stuart's message. He is not proposing that reverse-DNS consistency,
and checks for "dialup looking" hostnames, be overridden by a HELO.
Rather, he's just asking for a new mechanism, which is similar to ptr, but
uses the HELO rather than a reverse-DNS check. Both mechanisms do a
forward-check afterwards, so they are equally unforgeable.
And the new mechanism would only affect the SPF checks of domains that use
it.
We don't need to worry about hostile parties using it in SPF records they
control. They don't need it -- they can get all they want (an SPF record
that is effectively +all without being programmatically detectable as same)
using the exists mechanism.
---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com