Update of /cvsroot/tmda/tmda/templates
In directory usw-pr-cvs1:/tmp/cvs-serv9060/templates
Modified Files:
confirm_request.txt
Log Message:
Add support for the ``X-Primary-Address'' header in order to
help users of challenge/response systems like TMDA interact more
seamlessly.
Previously, when TMDA users interacted, there was no way for the user
to specify which address he prefers be "whitelisted" after he
successfully confirmed his first message. This problem was
exacerbated by use of 'dated' addresses, since you'd have to confirm
each of your messages over and over until the recipient stepped in and
manually added a "wildcard" entry for you.
We now support a header called ``X-Primary-Address'' which allows the
user to specify the address he prefers be whitelisted. A general name
was chosen for this header to encourage other C/R systems to adopt it.
The take advantage of this feature, you should configure your MUA to
add an X-Primary-Address: address field to your outgoing message. e.g,
X-Primary-Address: [EMAIL PROTECTED]
If you use tmda-sendmail or tmda-ofmipd to send your outgoing mail,
you can do this with an `ADDED_HEADERS_CLIENT' entry in your
~/.tmda/config.
Now, if an incoming message contains an ``X-Primary-Address'' header,
TMDA will CONFIRM_APPEND that address instead of the Return-Path address
when the message is confirmed.
TMDA will also check the address in ``X-Primary-Address'' against
FILTER_INCOMING along with the envelope sender, From and Reply-To.
To limit the potential for abuse where a sender would specify an
external address to get it whitelisted, TMDA will only honor
``X-Primary-Address'' if the address looks sufficiently similar to the
envelope sender address. If not, TMDA falls back on using the envelope
sender address instead. The necessary degree of closeness can be tuned
by setting the PRIMARY_ADDRESS_MATCH variable. The default setting is
to accept if the domains of the addresses match. This should be
flexible enough to cover most users while still greatly limiting
potential abuse.
Overall, this mechanism should reduce the amount of thinking and
planning ahead you need to do when sending mail to a new correspondent
who may or may not use a C/R system.
Thanks to Gre7g Luterman for this idea.
Index: confirm_request.txt
===================================================================
RCS file: /cvsroot/tmda/tmda/templates/confirm_request.txt,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- confirm_request.txt 10 Nov 2002 03:03:46 -0000 1.11
+++ confirm_request.txt 13 Nov 2002 01:56:54 -0000 1.12
@@ -6,7 +6,7 @@
This message was created automatically by mail delivery software (TMDA).
Your message attached below is being held because the address
-<%(envelope_sender)s> has not been verified.
+<%(confirm_append_address)s> has not been verified.
To release your message for delivery, please send an empty message
to the following address, or use your mailer's "Reply" feature.
_______________________________________
tmda-cvs mailing list
http://tmda.net/lists/listinfo/tmda-cvs
