[mail-vet-discuss] Auth-Results installed base
J D Falk
jdfalk at returnpath.net
Wed Oct 29 07:53:53 PDT 2008
On 24/10/2008 19:28, "Dave CROCKER" <dhc at dcrocker.net> wrote:
> J D Falk wrote:
>> +2 (because I've worked on implementations of the header at two companies
>> thus far.)
> Hmmm. It occurs to me that it might help things to have reports from those
> are using the header. Who is using and how they are using it could help
> establish a referential base when a) considering whether the spec is worthy of
> standardization, and b) considering proposed changes to the specification.
Return Path gets feeds of various types of data -- including many raw email
messages -- from ISPs, anti-spam vendors, and so forth.
With messages from some of these partners, we parse the
Authentication-Results header to discover what /their/ authentication
results were -- in other words, for this purpose we act like a client inside
their administrative domain. I won't get into how we authenticate that the
header was added by the partner rather than the original sender, but we're
comfortable that it's about as good as we can make it, and sufficient for
our purposes. It probably isn't sufficient for all purposes.
While I can't name names without potentially violating our agreements with
some of these partners, I can safely state that there are more sites
authenticating (and using this header) than appear to be represented on this
list. Most of seem are unlikely to implement any drastic header format
change, because the old format is sufficient for their needs.
For other mailstreams, we do an authentication check ourselves and put the
results in an A-R header of our own making.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the mail-vet-discuss