Author: Richard Salts Date: To: exim-users Subject: Re: [exim] Sender callout verification on BATV signed addresses
On Wed, 22 Apr 2009 06:09:13 Bryan Rawlins wrote: > So my question is, and I'm strictly looking for personal opinions here;
> Are callout/callback verifications on the envelope sender when that
> sender is signed more acceptable than just doing them in general? Tony Finch mentioned at some point toying with BATV but suggested signing the
domain rather than the local part. It requires more infrastructure, such as a
trick dns server to host the subdomains which are signed, but it could be a
way for BATV to be used as an authenticity test without leading to the heavy
penalties to the domain owner of SCV. I think it might have other
disadvantages such as a big impact on caching resolvers and dns traffic,
possibly even decreased reliability. But it seems to me that dns scales a lot
better than smtp servers, given the number of RBLs using it as a mechanism to
publish very dynamic data.