Update of /cvsroot/tmda/tmda
In directory usw-pr-cvs1:/tmp/cvs-serv9060
Modified Files:
UPGRADE
Log Message:
Add support for the ``X-Primary-Address'' header in order to
help users of challenge/response systems like TMDA interact more
seamlessly.
Previously, when TMDA users interacted, there was no way for the user
to specify which address he prefers be "whitelisted" after he
successfully confirmed his first message. This problem was
exacerbated by use of 'dated' addresses, since you'd have to confirm
each of your messages over and over until the recipient stepped in and
manually added a "wildcard" entry for you.
We now support a header called ``X-Primary-Address'' which allows the
user to specify the address he prefers be whitelisted. A general name
was chosen for this header to encourage other C/R systems to adopt it.
The take advantage of this feature, you should configure your MUA to
add an X-Primary-Address: address field to your outgoing message. e.g,
X-Primary-Address: [EMAIL PROTECTED]
If you use tmda-sendmail or tmda-ofmipd to send your outgoing mail,
you can do this with an `ADDED_HEADERS_CLIENT' entry in your
~/.tmda/config.
Now, if an incoming message contains an ``X-Primary-Address'' header,
TMDA will CONFIRM_APPEND that address instead of the Return-Path address
when the message is confirmed.
TMDA will also check the address in ``X-Primary-Address'' against
FILTER_INCOMING along with the envelope sender, From and Reply-To.
To limit the potential for abuse where a sender would specify an
external address to get it whitelisted, TMDA will only honor
``X-Primary-Address'' if the address looks sufficiently similar to the
envelope sender address. If not, TMDA falls back on using the envelope
sender address instead. The necessary degree of closeness can be tuned
by setting the PRIMARY_ADDRESS_MATCH variable. The default setting is
to accept if the domains of the addresses match. This should be
flexible enough to cover most users while still greatly limiting
potential abuse.
Overall, this mechanism should reduce the amount of thinking and
planning ahead you need to do when sending mail to a new correspondent
who may or may not use a C/R system.
Thanks to Gre7g Luterman for this idea.
Index: UPGRADE
===================================================================
RCS file: /cvsroot/tmda/tmda/UPGRADE,v
retrieving revision 1.66
retrieving revision 1.67
diff -u -r1.66 -r1.67
--- UPGRADE 8 Nov 2002 20:31:09 -0000 1.66
+++ UPGRADE 13 Nov 2002 01:56:53 -0000 1.67
@@ -2,6 +2,10 @@
If you are upgrading from a release of TMDA < 0.65:
+* If you are using customized templates, you should replace
+ %(envelope_sender)s with %(confirm_append_address)s in your
+ confirm_request.txt.
+
* When doing program deliveries to procmail, you should no longer be
using the ``-f'' option. e.g,
_______________________________________
tmda-cvs mailing list
http://tmda.net/lists/listinfo/tmda-cvs
