[SATLUG] Attn: Bob Tracy
Bob Tracy
rct at gherkin.frus.com
Wed Jan 10 21:59:05 CST 2007
Daniel J . Givens wrote:
> On Wed, 10 Jan 2007 16:05:23 -0600 (CST), rct at gherkin.frus.com (Bob Tracy) wrote:
> > In that regard, I try to be
> > as flexible as possible, but as an example of where automatic correlation
> > fails, there's no automatic way of knowing that a yahoo.com host is
> > authorized to send mail on behalf of a sbcglobal.net user in the absence
> > of DNS records to establish such a relationship.
>
> People should use SPF records and then we would know.
> http://en.wikipedia.org/wiki/Sender_Policy_Framework
Precisely what I was hinting at :-). In the absence of SPF records,
I'll consider MX records. If neither record type exists for a given
sender address, then the client delivering the mail had better be in
the same domain as the sender (at least the two top-level domain
components must agree). Beyond that, I don't know what else could
reasonably be expected.
People may remember the old monkeys.com Postfix patches to do client <-->
sender address correlation. The notion pre-dates SPF, and the checking
was crude at best, but the idea was intriguing. I've taken that concept
to the next level.
--
-----------------------------------------------------------------------
Bob Tracy WTO + WIPO = DMCA? http://www.anti-dmca.org
rct at frus.com
-----------------------------------------------------------------------
More information about the SATLUG
mailing list