On Mon, Jan 07, 2008 at 02:27:05PM -0700, Esther Schindler wrote:
> And finally, part 2 is published too!
>
> Let me know if I made any boo-boos.
I'm picking fairly small holes here - overall I think it's an "accurate
enough" article (in that in deliberately provides an overview, and glosses
over some details). So, no complaints overall. But anyway...
"the "make sure the sender is trustworthy" process is called authenticated
SMTP." - I found that phrase to be particularly iffy. I would have phrased it
more like, "If the MUA authenticates itself to the MTA (e.g. using your
username & password), this is 'authenticated SMTP'". i.e. if the MUA connects
to the MTA on a trusted IP address, and doesn't authenticate, it's probably
misleading/wrong to call that "authenticated SMTP".
"Your mail server does a lookup on the domain name servers (DNS) ... to find
out who's signed up to accept mail for the recipient's domain." - again,
"signed up" is an odd phrase to use here. More like, "Your mail server does a
lookup ... to find out which mail servers the owners of the recipient's domain
have nominated to receive incoming mail". i.e. making it clear that this is
controlled by the recipient domain administrators.
"I have a message for code>person@???" - some HTML glitch there,
I think.
--
Dave Evans
http://djce.org.uk/
http://djce.org.uk/pgpkey