ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] Re: "worm spam" and SPF

2004-11-27 18:22:38
from [Peter J. Holzer] [Permanent Link] 
On 2004-11-28 01:32:13 +0100, Frank Ellermann wrote:

Seth Breidbart wrote:


At this point, strong SPF checking breaks too much stuff
(especially forwarding).


It's not "especially forwarding", it's only 251-forwarding to
third parties abusing the original MAIL FROM. 


You mean section 3.2?

The 251 reply is used to tell the sender the correct address, so that
the sender can send the next mail directly. I have never seen this, and
I would consider it broken under most circumstances (I.e., if I give
somebody an email address A which is forwarded to my other address B, I
do not want to disclose B to that person). The 551 reply may be useful
sometimes.


That was always illegal in STD 10, you had to add the route to the
MAIL FROM.


Yes, but that is true for all kinds of relaying (see section 3.6):

| In any case, the SMTP adds its own identifier to the reverse-path.

I don't know if that requirement of RFC 821 was ever widely implemented.
If it was, it was discontinued at least 15 years ago.



RfC 2821 removed the routing from bounces,


Yes, because nobody was using it anyway.


and that implicitly obsoleted 251-forwarding. 


I see no connection between source-routes and forwarding in rfc 821.


It's not SPF breaking stuff, quite the contrary, SPF tries to fix
something broken by 2821.  Bye.


A source route in the reverse-path isn't any more reliable than
Received-headers. It solves nothing without additional requirements
(like: "every relay needs to record which mails it forwarded an relay
bounces in the opposite direction"), and therefore SPF cannot fix what
wasn't broken.

        hp

-- 
   _  | Peter J. Holzer    | Je höher der Norden, desto weniger wird
|_|_) | Sysadmin WSR       | überhaupt gesprochen, also auch kein Dialekt.
| |   | hjp(_at_)hjp(_dot_)at         | Hallig Gröde ist fast gänzlich 
dialektfrei.
__/   | http://www.hjp.at/ |   -- Hannes Petersen in desd

Attachment: pgpY4H77A0B01.pgp
Description: PGP signature

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Asrg] Re: "worm spam" and SPF], Frank Ellermann
Next by Date:  Re: [Asrg] "worm spam" and SPF, Bill Cole
Previous by Thread:  [Asrg] Re: "worm spam" and SPF, Frank Ellermann
Next by Thread:  RE: [Asrg] "worm spam" and SPF, Vipul Ved Prakash
Indexes:  [Date] [Thread] [Top] [All Lists]