[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] Re: Disaster looming: SPF

To: asrg at ietf.org
Subject: Re: [Asrg] Re: Disaster looming: SPF
From: Devdas Bhagat <devdas at dvb.homelinux.org>
Date: Fri, 10 Dec 2004 18:58:50 +0530
In-reply-to: <41B8D4C4.17CB@xyzzy.claranet.de>; from nobody@xyzzy.claranet.de on Thu, Dec 09, 2004 at 11:42:12PM +0100
List-archive: <http://www1.ietf.org/pipermail/asrg>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
Mail-followup-to: asrg at ietf.org
Notice-requested-upon-delivery-to: devdas@dvb.homelinux.org
References: <20041126111000.GU31887@f-prot.com> <200411270654.iAR6scF14204@panix5.panix.com> <41A91C8C.59BE@xyzzy.claranet.de> <41B2630F.7040601@elvey.com> <41B3AC8C.267@xyzzy.claranet.de> <41B81DE3.9050204@elvey.com> <41B84860.355F@xyzzy.claranet.de> <20041210002500.A23089@evita.devdas.geek> <41B8D4C4.17CB@xyzzy.claranet.de>
Reply-to: Devdas Bhagat <devdas at dvb.homelinux.org>
Sender: asrg-bounces at ietf.org
User-agent: Mutt/1.2.5.1i

On 09/12/04 23:42 +0100, Frank Ellermann wrote:
> Devdas Bhagat wrote:
> 
> > What about using multiple .forwards or equivalent?
> 
> Forwarding is something the receiver does.  Sender policies are
> something the senders publish.  Senders don't know and don't
> care what a receiver does, it's his problem.  Senders only say:
> 

Right. But .forward is still used and SPF breaks that. SRS is a hack to
try and prevent it breaking.

> "These are the IPs you as 3rd party see in MAIL FROM me to you
>  at your MX, any other mail claiming to be MAIL FROM me at your
>  MX is forged, don't bother to accept it, please reject it."
> 
> Why's that so difficult to understand ?  Senders have no idea
> how a receiver forwards mail behind his MX, it's none of their
> business.  The receiver is free to do whatever he likes.  And
> if his mail setup is broken he owns the pieces.

Breaking a known working feature is not a good way to keep those
power users happy.

> > Or people using the bounce feature in mutt?
> 
> Is that the stuff where I get mail claiming to be MAIL FROM me,
> but in fact it's from somebody else ?  I'd report it to abuse@
> for the corresponding IP, it's forged.  But actually it should
> never arrive if publishers of -all policies also check SPF on
> their own MX.

No. Mutt adds a Resent-from header and keeps the original mail
information. This needs deliberate action by the sender, and is the
equivalent of a .forward (slightly loosely speaking) for that mail.

Devdas Bhagat

_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Follow-Ups:
- [Asrg] Re: Disaster looming: SPF
  - From: Frank Ellermann
- Re: [Asrg] Re: Disaster looming: SPF
  - From: Peter J. Holzer

References:
- [Asrg] "worm spam" and SPF
  - From: Fridrik Skulason
- Re: [Asrg] "worm spam" and SPF
  - From: Seth Breidbart
- [Asrg] Re: "worm spam" and SPF
  - From: Frank Ellermann
- [Asrg] Disaster looming: SPF
  - From: Matthew Elvey
- [Asrg] Re: Disaster looming: SPF
  - From: Frank Ellermann
- Re: [Asrg] Re: Disaster looming: SPF
  - From: Matthew Elvey
- [Asrg] Re: Disaster looming: SPF
  - From: Frank Ellermann
- Re: [Asrg] Re: Disaster looming: SPF
  - From: Devdas Bhagat
- [Asrg] Re: Disaster looming: SPF
  - From: Frank Ellermann

Prev by Date: Re: [Asrg] Re: "worm spam" and SPF
Next by Date: RE: [Asrg] A response to the critique of my anti-spam system
Previous by thread: [Asrg] Re: Disaster looming: SPF
Next by thread: Re: [Asrg] Re: Disaster looming: SPF
Index(es):
- Date
- Thread