Re: [Asrg] mail security
The point I was attempting to make is that SPF records _can_ accurately
reflect sender policy, while SPF processing will incorrectly indicate a
violation of it.

As things stand in SPF, folks end up publishing less-correct records
in an attempt to tune to a more satisfactory result.

>> Forging headers to indicate forwarding which didn't happen indicates
>> evil intent, and should be practical to block-list like other spamming
>> IPs. Well-known forwarders could be whitelisted, enabling us to trust
>> their pre-forwarding headers. Et cetera...
>
> Blech. Why not just let them rewrite the sender address.

You, of course, are welcome to do whatever you want with SPF records;
I happen to dislike punishing MTAs for following the SMTP specs.

But please understand that strict SPF processing hasn't yet stopped
forwarding MTAs from documenting the forwarding according to spec
rather than rewriting addresses the way you want them to. Do you really
believe this will change?

> People just should not be encouraged to send email with return-paths
> in domains that don't belong to them. It simply postpones the day when
> we can hold senders accountable for their traffic.

Unfortunately, that is what the SMTP RFCs call for: if you don't
like it, you should be seeking consensus to change them.

Furthermore, you seem to be confusing "people who send email" with
MTAs which process it. The return-path is intended to be the "best"
address for notifications. As things currently stand, MTAs are in no
position to second-guess whether some other address would be "better".
--
John Leslie <john at jlc.net>