[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] DNS-based Email Sender Authentication Mechanisms: aCritical Review

To: Anti-Spam Research Group - IRTF <asrg at irtf.org>
Subject: Re: [Asrg] DNS-based Email Sender Authentication Mechanisms: aCritical Review
From: Jose-Marcio Martins da Cruz <Jose-Marcio.Martins at mines-paristech.fr>
Date: Mon, 25 May 2009 23:22:20 +0200
Delivered-to: asrg at core3.amsl.com
In-reply-to: <3be421270905251345l1bbe8ce9je5554b727e7440a7 at mail.gmail.com>
List-archive: <http://www.irtf.org/mail-archive/web/asrg>
List-help: <mailto:asrg-request@irtf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-post: <mailto:asrg@irtf.org>
List-subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
List-unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
References: <003d01c9dd01$bf3531d0$800c6f0a at china.huawei.com> <4A1A45BA.5030704 at swin.edu.au> <3be421270905250718y5d62f6d5odb6f2bebecf418d0 at mail.gmail.com> <6684E747-55CB-4BB3-B838-9F4FE906AFE7 at mail-abuse.org> <3be421270905251345l1bbe8ce9je5554b727e7440a7 at mail.gmail.com>
Reply-to: Jose-Marcio.Martins at mines-paristech.fr, Anti-Spam Research Group - IRTF <asrg at irtf.org>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.21) Gecko/20090507 Fedora/1.1.16-1.fc10 SeaMonkey/1.1.16

Amir Herzberg wrote:

On Mon, May 25, 2009 at 6:54 PM, Douglas Otis <dotis at mail-abuse.org<mailto:dotis at mail-abuse.org>> wrote:
    http://amir.herzberg.googlepages.com/somerecentpapers

    This paper refers to DNS poisoning without fully exploring how SPF
    might be used to enable DNS poisoning.  SPF might be checked by MUAs
    in some cases.   More than just resolvers associated with MTAs are
    affected, so separate resolvers for MTAs, which themselves might
become poisoned, does not represent a good solution.
Sorry - I simply was not aware of SPF checks being invoked by MUAs. Iactually find it a bit strange that MUAs would do SPF validations,considering they don't get MAIL FROM, but human ingenuity is endless andI apologize for this ignorance. Doug, can you give me specific examples- preferably of common MUA clients and if possible, of appropriatedocumentation so I can read about it and/or test it? Tks!

Well. Me too, I don't understand why it could be interesting to check SPF in the MUA. Itmay be interesting to check SPF when one have access to both sender domain and IP addressof the SMTP client connecting to the MTA. This information isn't usually available to theMUA, unless it will trust on data available on headers.

Follow-Ups:
- Re: [Asrg] DNS-based Email Sender Authentication Mechanisms: aCritical Review
  - From: Chris Lewis

References:
- [Asrg] 答复: DNS-based Email Sender Authentication Mechanisms: aCritical Review
  - From: Sean Shen
- Re: [Asrg] ´ð¸´: DNS-based Email Sender Authentication Mechanisms: aCritical Review
  - From: grenville armitage
- Re: [Asrg] ´ð¸´: DNS-based Email Sender Authentication Mechanisms: aCritical Review
  - From: Amir Herzberg
- Re: [Asrg] DNS-based Email Sender Authentication Mechanisms: aCritical Review
  - From: Douglas Otis
- Re: [Asrg] DNS-based Email Sender Authentication Mechanisms: aCritical Review
  - From: Amir Herzberg

Prev by Date: Re: [Asrg] DNS-based Email Sender Authentication Mechanisms: aCritical Review
Next by Date: Re: [Asrg] DNS-based Email Sender Authentication Mechanisms: aCritical Review
Previous by thread: Re: [Asrg] DNS-based Email Sender Authentication Mechanisms: aCritical Review
Next by thread: Re: [Asrg] DNS-based Email Sender Authentication Mechanisms: aCritical Review
Index(es):
- Date
- Thread