On Fri, 17 Jul 2009, Michael Deutschmann wrote:
I had one idea on how a sender could cope with an unhandled forwarder
problem or unwhitelisted backup MX in some receivers, without completely
giving up the benefits of SPF fail: Maintain an RHSBL of *recipient* domains
which do not handle SPF properly, and then use a ?exists mechanism to query
it and return neutral for matches, ahead of the -all or ~all sane recipients
will see.
A *great* idea.
Sadly, when I looked up the RFC to see exactly how to write such an exists
line, I found it's impossible in SPFv1. There are macros for the sender
local-part and domain, but nothing for the recipient.
So, I propose rectifying that in SPFv3. We just need to add a new macro
that expands to the RCPT TO domain of an attempted SMTP transaction. Might
as well add one for local-part, too.
Since everyone is shooting down my v3 ideas with "here's how you could
do it in v1", let me shoot yours down. :-) All(!) you have to do is
have your MTAs encode the sender in the helo name it uses when
transmitting the email. For instance, assign an ID number to every
recipient in your "braindead" list. Use BDnnnnnnnn.smtp.example.com
as the HELO name in your MTA, where nnnnnnnn is the ID assigned to the
braindead recipient.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com