Re: [spf-discuss] SPF, DKIM, and NIH
2009-10-12 14:56:31
On Mon, 12 Oct 2009 12:20:07 -0400 (EDT) "Stuart D. Gathman"
<stuart(_at_)bmsi(_dot_)com> wrote:
On Mon, 12 Oct 2009, Scott Kitterman wrote:
Without giving up SPF's mailing list FP immunity, it gains the same
forwarding FP immunity DKIM/ADSP has.
It would work smoother than a mere "reject mail only if DKIM/ADSP and
SPF
both say Fail" policy, because the mailserver would know in advance
whether it is worthwhile to let an incoming SPF-fail transaction proceed
to DATA.
OK, then what is the sender signing?
The sender is signing MAIL FROM in a manner similar to SES. SES would
actually be a more efficient way to accomplish the same goal, be
evaluated at SMTP envelope time, and works with the existing SPF standard
(via exists mechanism).
The drawback? It requires the sender to supply a specialized backend to a DNS
server to handle the validation requests. (PowerDNS is an authoritative only
open source DNS server that makes plug-in backends easy - so this is not a
showstopper.)
On the other hand, the DKIMed MAIL FROM proposal puts the burden of
special software on the receiver.
Also in SES, the 'signature' is encoded in the mail from. With this DKIM
envolope idea there is nothing to sign, but the body and the body header.
Scott K
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [spf-discuss] SPF, DKIM, and NIH, (continued)
- Re: [spf-discuss] SPF, DKIM, and NIH, Michael Deutschmann
- Re: [spf-discuss] SPF, DKIM, and NIH, Scott Kitterman
- Re: [spf-discuss] SPF, DKIM, and NIH, Michael Deutschmann
- Re: [spf-discuss] SPF, DKIM, and NIH, Scott Kitterman
- Re: [spf-discuss] SPF, DKIM, and NIH, Michael Deutschmann
- Re: [spf-discuss] SPF, DKIM, and NIH, Scott Kitterman
- Re: [spf-discuss] SPF, DKIM, and NIH, Michael Deutschmann
- Re: [spf-discuss] SPF, DKIM, and NIH, Scott Kitterman
- Re: [spf-discuss] SPF, DKIM, and NIH, Michael Deutschmann
- Re: [spf-discuss] SPF, DKIM, and NIH, Stuart D. Gathman
- Re: [spf-discuss] SPF, DKIM, and NIH,
Scott Kitterman <=
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Re: [spf-discuss] SPF, DKIM, and NIH, David MacQuigg
- Re: [spf-discuss] SPF, DKIM, and NIH, Alessandro Vesely
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Re: [spf-discuss] SPF, DKIM, and NIH, Stuart D. Gathman
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Re: [spf-discuss] SPF, DKIM, and NIH, Stuart D. Gathman
- Re: [spf-discuss] SPF, DKIM, and NIH, Alessandro Vesely
- Re: [spf-discuss] SPF, DKIM, and NIH, alan
- Re: [spf-discuss] SPF, DKIM, and NIH, Alessandro Vesely
|
Previous by Date: |
Re: [spf-discuss] SPF, DKIM, and NIH, Scott Kitterman |
Next by Date: |
Re: [spf-discuss] SPF, DKIM, and NIH, Michael Deutschmann |
Previous by Thread: |
Re: [spf-discuss] SPF, DKIM, and NIH, Stuart D. Gathman |
Next by Thread: |
Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart |
Indexes: |
[Date]
[Thread]
[Top]
[All Lists] |
|
|