[Mimedefang] Re: VERY Newbie Question

Jason Gurtz jason at jasongurtz.com
Fri Oct 29 12:46:13 EDT 2004


On 10/29/2004 11:13, Ian Mitchell wrote:

> Then I would wonder if something along the lines of SPF (spf.pobox.com)
> would work. I know this method was recently criticized for Microsoft's
> licensing methods and such forth.

Having followed that debacle for a while...  SPF has nothing to do with
the technical and IPR criticisms of Microsoft's SenderID.  In a nutshell,
the criticisms are directed specifically against the SenderID technical
method of validating the PRA (more or less the From: header inside the
message) and also the incompatibility of a patent license that covers this
PRA checking with licenses like the GPL which demand that users retain the
same development rights as the developers.  There are also technical
concerns with how PRA checking gets along with envelope MAIL FROM checking.

Note that SPF, which validates with the envelope MAIL FROM header, has
its own technical problems, mostly with mail forwarding services which
intentionally spoof it.

> [...] I would be hesitant to
> suggest this type of functionality be included in MimeDefang, at least
> until a much better industry following took place, besides, it's probably
> better suited in SpamAssassin instead,

Yep, it's already in SA 3.x and I find that SA works real nice in tandem
with MIMEDefang :)  In my case, I just reject anything (after DATA, oh
well) that outright fails the SPF check (sending domain has "-all" in
their DNS record).  Note that I have no concerns at my site with the SPF
forwarding issues.

For now, I give a slight score advantage in SpamAssassin for everything
that has SPF and passes.  That will likely change at some point  :)
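
The policy described in the message above (reject an outright SPF fail from a "-all" record, give a slight score advantage on a pass), as an added Python example that is not part of the original post and is not MIMEDefang or SpamAssassin code. It evaluates only the ip4, ip6 and all mechanisms offline; the function names, the -0.5 bonus and the sample records are constructed assumptions.

```python
import ipaddress

# SPF qualifiers and the results they produce (RFC 7208).
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def spf_result(record, client_ip):
    """Evaluate an SPF TXT record against the connecting IP without DNS.

    Handles ip4:, ip6: and all. A mechanism that needs DNS (a, mx,
    include, exists, ptr) or a redirect= modifier yields "unknown".
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    ip = ipaddress.ip_address(client_ip)
    needs_dns = False
    for term in terms[1:]:
        if "=" in term:  # modifier (redirect=, exp=), not a mechanism
            needs_dns = needs_dns or term.lower().startswith("redirect=")
            continue
        qualifier = term[0] if term[0] in QUALIFIERS else "+"
        mech = (term[1:] if term[0] in QUALIFIERS else term).lower()
        if mech == "all":
            return QUALIFIERS[qualifier]
        name, _, value = mech.partition(":")
        if name not in ("ip4", "ip6"):
            return "unknown"  # cannot be decided offline
        net = ipaddress.ip_network(value, strict=False)
        if ip.version == net.version and ip in net:
            return QUALIFIERS[qualifier]
    return "unknown" if needs_dns else "neutral"

def action(result, pass_bonus=-0.5):
    """Reject only a hard fail; a pass earns a small negative (ham) score."""
    if result == "fail":
        return ("reject", 0.0)
    if result == "pass":
        return ("accept", pass_bonus)
    return ("accept", 0.0)  # softfail, neutral, none, unknown

if __name__ == "__main__":
    # Constructed records using documentation address ranges.
    hard = "v=spf1 ip4:192.0.2.0/24 -all"
    soft = "v=spf1 ip4:192.0.2.0/24 ~all"
    for rec, ip in [(hard, "192.0.2.10"), (hard, "198.51.100.7"),
                    (soft, "198.51.100.7")]:
        res = spf_result(rec, ip)
        print(rec, ip, res, action(res))
```

Only the "-all" record produces a rejection for the unlisted address; the same address against "~all" is a softfail and is accepted with no score change.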


