Re: SPF

To: debian-devel@lists.debian.org
Subject: Re: SPF
From: Andreas Barth <aba@not.so.argh.org>
Date: Sat, 24 Jul 2004 09:08:40 +0200
Message-id: <[🔎] 20040724070840.GD23003@mails.so.argh.org>
Mail-followup-to: Andreas Barth <aba@not.so.argh.org>, debian-devel@lists.debian.org
In-reply-to: <[🔎] 4101E510.1090408@galacticasoftware.com>
References: <[🔎] 20040704214611.39525198CD6@nightcrawler> <[🔎] 1089024707.20634.5.camel@leom181.leom.ec-lyon.fr> <[🔎] 200407051315.55946@fortytwo.ch> <[🔎] 87llhymqid.fsf@sinken.local.csis.hku.hk> <[🔎] 3939595a.0407220943.6dc21107@posting.google.com> <[🔎] 87vfgfa5p0.fsf@sinken.local.csis.hku.hk> <[🔎] 3939595a.0407231033.3063ce14@posting.google.com> <[🔎] 4101E510.1090408@galacticasoftware.com>

* Adam Majer (adamm@galacticasoftware.com) [040724 06:40]:
> Indeed. SRS breaks SPF. SPF seems to be good only for direct mailing
> domains. It essentially breaks all lists.
> 
> I guess the only way to allow forwarding is for the MTA to sign each
> outgoing message and then to publish the public key in the DNS. I don't
> see another way around it.

A combination of SPF and signing could be interessting. So, the
signature is only checked if SPF fails (and this saves time on the
receiving side if the message is not forwarded). Hm, perhaps this can
be done by just adding additional items like:
"sign:outmx1.domain.invalid", and outmx1.domain.invalid has it's
proper key in it's own dns entry.


Cheers,
Andi
-- 
   http://home.arcor.de/andreas-barth/
   PGP 1024/89FB5CE5  DC F1 85 6D A6 45 9C 0F  3B BE F1 D0 C5 D1 D9 0C

Reply to:

References:
- Bug#257644: ITP: libspf2 -- Sender Policy Framework library, written in C
  - From: Eric Dorland <eric@debian.org>
- Re: Bug#257644: ITP: libspf2 -- Sender Policy Framework library, written in C
  - From: Josselin Mouette <joss@debian.org>
- SPF (was: Re: Bug#257644: ITP: libspf2 -- Sender Policy Framework library, written in C)
  - From: Adrian 'Dagurashibanipal' von Bidder <avbidder@fortytwo.ch>
- Re: SPF (was: Re: Bug#257644: ITP: libspf2 -- Sender Policy Framework library, written in C)
  - From: Isaac To <iketo2@netscape.net>
- Re: SPF (was: Re: Bug#257644: ITP: libspf2 -- Sender Policy Framework library, written in C)
  - From: erik@zoneedit.com (Erik Aronesty)
- Re: SPF (was: Re: Bug#257644: ITP: libspf2 -- Sender Policy Framework library, written in C)
  - From: Isaac To <iketo2@netscape.net>
- Re: SPF (was: Re: Bug#257644: ITP: libspf2 -- Sender Policy Framework library, written in C)
  - From: erik@zoneedit.com (Erik Aronesty)
- Re: SPF
  - From: Adam Majer <adamm@galacticasoftware.com>

Prev by Date: Re: Free non-software stuff and what does it mean. [was Re: General Resolution: Force AMD64 into Sarge]
Next by Date: Bug#261183: ITP: python-gtk2-doc -- Documentation and API reference of GTK2 bindings for python
Previous by thread: Re: SPF
Next by thread: Re: SPF
Index(es):
- Date
- Thread