Re: debian.org e-mail address and SPF/SRS
Hi, Matthew Palmer wrote:
> Uhm, having just read through the supplied URL, I can't agree with the
> sanity of the proposal. It appears to require that headers not be modified
> at all in transit
You can tell it which headers to protect, so that's not a problem.
In theory. Mailing lists do have a problem, but the list forwarder can
always re-sign the message. (It' in the draft.)
I don't like that proposal for a totally different reason: I need
to get the whole message before I can even think about rejecting it.
SPF, on the other hand, I can use as soon as I get the MAIL FROM:.
If I assume the DNS to be not compromised and mailers to be not-open-relay
(as the draft does), DomainKeys gets me precisely nothing, compared to
SPF. However, it'll hurt my bandwidth and my CPU.
--
Matthias Urlichs | {M:U} IT Design @ m-u-it.de | smurf@smurf.noris.de
Reply to: