[CentOS] Re: DKIM
mouss at netoyen.net
Wed Sep 24 21:26:03 UTC 2008
>> prove what?
>> if the machine with an rDNS of bobhoffman.com sends mail from
>> <*@bobhoffman.com>, and is the MX of this domain, would anybody think
>> this is a forgery?
> Mouss... I mean Ratatouille :-)
I'm feeling hungry now!
> Answer: Possibly
> Depends on many factors doesn't it?
Let me restate it: I don't care if it's a forgery. it's his
site/domain/network. if I get spam, he has to fix the problem. he can't
tell me: "a spammer forged my domain". the answer would be "a spammer
_owned_ your machine".
gmail do what they call a "guessed spf": if the client rdns matches the
sender domain, they consider that the client is "authorized" (as if it
was listed in an SPF record). I can't say for yahoo, as speculation
won't help Bob here. but I don't have an SPF record and my mail to yahoo
users is delivered.
to say it another way: I think that clients with an rdns in the sender
domain should be considered as "authorized" (like if they were in an SPF
record). if the owner doesn't want, he can still firewall them. but in
any case, he is responsible of any spam that gets out of these.
More information about the CentOS