Amir Herzberg wrote:
On Mon, May 25, 2009 at 6:54 PM, Douglas Otis <dotis(_at_)mail-abuse(_dot_)org
<mailto:dotis(_at_)mail-abuse(_dot_)org>> wrote:
http://amir.herzberg.googlepages.com/somerecentpapers
This paper refers to DNS poisoning without fully exploring how SPF
might be used to enable DNS poisoning. SPF might be checked by MUAs
in some cases. More than just resolvers associated with MTAs are
affected, so separate resolvers for MTAs, which themselves might
become poisoned, does not represent a good solution.
Sorry - I simply was not aware of SPF checks being invoked by MUAs. I
actually find it a bit strange that MUAs would do SPF validations,
considering they don't get MAIL FROM, but human ingenuity is endless and
I apologize for this ignorance. Doug, can you give me specific examples
- preferably of common MUA clients and if possible, of appropriate
documentation so I can read about it and/or test it? Tks!
Well. Me too, I don't understand why it could be interesting to check SPF in the MUA. It
may be interesting to check SPF when one have access to both sender domain and IP address
of the SMTP client connecting to the MTA. This information isn't usually available to the
MUA, unless it will trust on data available on headers.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg