RobertH wrote:
prove what?
if the machine with an rDNS of bobhoffman.com sends mail from
<*@bobhoffman.com>, and is the MX of this domain, would anybody think
this is a forgery?
Mouss... I mean Ratatouille :-)
I'm feeling hungry now!
Answer: Possibly
Depends on many factors doesn't it?
Let me restate it: I don't care if it's a forgery. it's his
site/domain/network. if I get spam, he has to fix the problem. he can't
tell me: "a spammer forged my domain". the answer would be "a spammer
_owned_ your machine".
gmail do what they call a "guessed spf": if the client rdns matches the
sender domain, they consider that the client is "authorized" (as if it
was listed in an SPF record). I can't say for yahoo, as speculation
won't help Bob here. but I don't have an SPF record and my mail to yahoo
users is delivered.
to say it another way: I think that clients with an rdns in the sender
domain should be considered as "authorized" (like if they were in an SPF
record). if the owner doesn't want, he can still firewall them. but in
any case, he is responsible of any spam that gets out of these.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos