On Sat, 2004-01-31 at 13:14 +0000, Ian A B Eiloart wrote:
> Sadly, for some of the larger mail hosts this simply isn't true. We have
> periods when we can't deliver mail for days on end to providers like
> hotmail, tiscali, freeserve, and so on. We've recently enabled sender
> callback, and now (during those periods) receiving mail from those domains
> can take several days.
Hmmm. There's something to be said for bypassing the sender verification
in those cases. If you're receiving mail claiming to be from a hotmail
address from a machine which is actually a hotmail machine, for example,
it's a fairly safe bet it's from a _valid_ hotmail address.
I'm beginning to think that the TXT-record part of the SPF idea could be
useful if made more generic, and if we have a registry of _other_
information which can be included...
1. Bypass callouts for...
e.g. For .*@hotmail.com don't bother with sender-verification
if it comes from hosts *.hotmail.com or *.msn.com
2. GPG required.
e.g. Reject sender dwmw2@??? if not GPG-signed.
3. Hashcash required.
e.g. Reject sender dwmw2@??? if not hashcash-signed.
4. Never sends mail.
e.g. Reject sender exim-users@???. It never sends mail.
--
dwmw2