On Fri, 23 Jul 2004, Kyle Hasselbacher wrote:
> I think SPF before challenge is a good idea, but don't make the problem
> bigger than it is. I have an SPF record, and I get 2000 times more bounces
> from mail servers than I do misdirected challenges from TMDA users. That's
> not hyperbole.
Bounces (as opposed to replies, like TDMA sends) are no problem if you
use SES (SRS for local mail). Forged bounces (mail from <>) are immediately
detected by a missing or invalid SRS crypto cookie, and rejected before DATA.
--
Stuart D. Gathman <[EMAIL PROTECTED]>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
_____________________________________________
tmda-users mailing list ([EMAIL PROTECTED])
http://tmda.net/lists/listinfo/tmda-users
