-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message <[email protected] il.com>, Douglas Foster <[email protected]> writes
>SPF is designed for clarity I am not addressing your comments on DKIM in this response >for the situation where a message is submitted directly from the >originating organization to the final recipient organization, and the SPF >record confirms that the source IP address is an authorized message >origination server for that specific domain. I agree with that [snip] >The goal of this process is to walk backward through the Received chain to >find the first organization to handle the message, after excluding client >connections. [snip the details of the examination of the Received chain] >Upon completion of this data collection, the originating Mail From domain >may be uncertain, but should be constrained to no more than two values. all very well .. but what this does not do is to demonstrate in any way that the body of the message as received after it has been handled by intermediaries bears any relationship whatsoever to what was initially sent. Additionally, competent forgery of Received header fields (which I would agree is beyond some people) means that you cannot even be certain that the message took the alleged first hop That's why doing the sort of analysis you set out is not attempted by mail receivers (present company perhaps excepted) apart from occasional one-off efforts to attempt to determine "what on earth is going on" - -- richard Richard Clayton Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755 -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBZx+MCd2nQQHFxEViEQLKYQCfSRc7Y7bp5l5v9yZQtSRwxEmqPagAoMQf 968arKFgGdxfUtU/Zg/u0cOK =UY9B -----END PGP SIGNATURE----- _______________________________________________ dmarc mailing list -- [email protected] To unsubscribe send an email to [email protected]
