|
Re: [spf-discuss] How does SPF prevent forgery?
2006-02-16 17:00:27
Wally Winchester wrote:
Ah, that clears that up then - but leaves me confused, why (or when) is
it important to check 2821 addresses?
The truth is, there is only 1 2821 identity (well, or none, but then you
can check the HELO of the sender)
Whereas there are MANY 2822 candidate fields (from, reply to, bounces
to, list fields, etc etc etc). Hence the PRA "algorithm".
In order to apply whitelisting or blacklisting on something (usually a
domain name), you need to know that the domain name is not forged.
The ideal place to do that is right at the beginning, at 2821 time, at
the beginning of the SMTP transfer (so you don't waste all that
bandwidth accepting something you are going to reject as forged). Note
that you have to go into DATA to get the 2822 headers, and once in DATA
you cannot reject the email until you have received ALL of it (well,
mostly true, you can reject it if its too large, but that's about it).
Point being, you cannot accept the 2822 headers, and then reject right
away, you have to wait for the entire email (upto your size cap), and
then reject.
SPF is *not* a spam solution, it is a forgery solution. Once you can be
sure you have some "identity" aka domain name that is verified, you can
then check whitelists/blacklists/etc to see if you want to accept email
from the (verified) identity.
Terry
WW
On Thu, 16 Feb 2006 17:31:54 -0500, "Terry Fielder"
<terry(_at_)ashtonwoodshomes(_dot_)com> said:
SPF checks 2821 addresses. It makes no assertion about 2822 addresses.
Some would call 2822 address fakes "phishing", not forgery.
For 2822 checking, you should look at PRA (aka sender id). But there
are serious caveats with using it, so be careful.
Terry
Wally Winchester wrote:
Hello.
If SPF only checks the envelope from address, how does it prevent
forgery?
i.e. how does it prevent a user getting an email From:
person(_at_)bank(_dot_)com?
WW
--
Terry Fielder
terry(_at_)greatgulfhomes(_dot_)com
Associate Director Software Development and Deployment
Great Gulf Homes / Ashton Woods Homes
Fax: (416) 441-9085
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
--
Terry Fielder
terry(_at_)greatgulfhomes(_dot_)com
Associate Director Software Development and Deployment
Great Gulf Homes / Ashton Woods Homes
Fax: (416) 441-9085
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
|
|