Re: [exim] support for domainkeys

On Sat, 2004-09-25 at 16:11 +0200, David wrote:
> Hi !!
>
> > The beauty of the scheme is that it's unilateral, and it doesn't
> > _require_ participation from anyone else. That's why it works for
> > stopping fake bounces, where SPF never will.
>
> true, but it only solves a part of the problem. Your address will
> continue to be faked. Providers that do not use callouts will continue
> to receive and try to bounce to your address. Providers that use
> callouts will continue to hit your server with that callout verification
> attempts. This minimizes the bandwith problem for you, but your
> server will still have to work handling callouts/bounces.

My servers don't have to do _much_ work -- it just has to reject them.
I'm perfectly happy with that.

And yes, some people will continue to accept faked mails, whatever
happens. Unless we completely throw away SMTP and replace it with
something new, that will _always_ be the case. There can't be an
immediate panacea.

--
dwmw2