|
|
| Applications |
| Mailing Lists |
| Miscellaneous |
| Operating Systems |
| Programming |
Re: [Asrg] Re: Receiver Initiated Authentication
From: David Nicol <davidnicol(at)gmail.com>
Date: Mon Sep 17 2007 - 13:08:40 EDT
> I am concerned about forwarded email. Once the Receiver Generated SPF
> database is established then most of the unauthenticated ham will come via
> forwarders who already accepted the original email. I'm open to any
> suggestions on how to work around this, otherwise I still argue that highly
> selective bounces are only mildly evil.
Date: Mon Sep 17 2007 - 13:08:40 EDT
On 9/17/07, Michael Kaplan <michaelkaplanasrg@gmail.com> wrote:
>
> I am concerned about forwarded email. Once the Receiver Generated SPF
> database is established then most of the unauthenticated ham will come via
> forwarders who already accepted the original email. I'm open to any
> suggestions on how to work around this, otherwise I still argue that highly
> selective bounces are only mildly evil.
Quarantine (or soft-fail) and query the recipient. Parse the headers in the forwarded message; if a spf-good appears earlier, offer the addressee the option of whitelisting the final relay. The addressee has signed up for the protection, knowing there may be a touch of configuration. Integrate with reputation systems (and refer to documentation strongly suggesting using a SPF-compliant RFC 821 "SRS" envelope instead of a simplified one) in the 450 rejection) and statistical analysis in deciding how to dispose of such messages.
--
"I will not tolerate continued noncompliance"
-- Neelie Kroes
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg
Received on Mon Sep 17 13:09:03 2007This archive was generated by hypermail 2.1.8 : Mon Oct 29 2007 - 14:15:56 EDT
|
Contact Us Legal Notices Order Services Online Pantek Home Privacy Policy IT news Site Map Pantek Library |