This just goes to further show this mistaken promotion of dependency for
RFC 2822 on what should be a RFC 2821 first level solution .
All the originating receiver had to do was a _EP txt lookup for Harry's
return path domain.
lmap _ep.exchange.microsoft.com
Server: ns1.mia.bellsouth.net
Address: 205.152.144.235
Non-authoritative answer:
_ep.exchange.microsoft.com text =
"<ep xmlns='http://ms.net/1' testing='true'><out><m>"
"<a>131.107.8.3</a><a>131.107.8.4</a><a>131.107.8.12</a>"
"</m></out></ep>"
and they would of seen RIGHT away the connecting IP was not valid at SMTP.
No need for RFC 2822 analysis.
Let keep it simple folks.
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
----- Original Message -----
From: "wayne" <wayne(_at_)midwestcs(_dot_)com>
To: "IETF MARID WG" <ietf-mxcomp(_at_)imc(_dot_)org>
Cc: "Paul Hoffman / IMC" <phoffman(_at_)imc(_dot_)org>; "marshall rose"
<mrose(_at_)dbc(_dot_)mtview(_dot_)ca(_dot_)us>; "andrew newton"
<andy(_at_)hxr(_dot_)us>
Sent: Wednesday, April 28, 2004 10:18 PM
Subject: Re: Caller-ID group is hiring!
In <200404290201(_dot_)i3T20iKU067750(_at_)above(_dot_)proper(_dot_)com>
"Harry Katz"
<hkatz(_at_)exchange(_dot_)microsoft(_dot_)com> writes:
Come work for Microsoft!
[stupid rant against MS snipped]
And the headers say:
Received: (from majordom(_at_)localhost)
by above.proper.com (8.12.11/8.12.9/Submit) id i3T21Nvk067821;
Wed, 28 Apr 2004 19:01:23 -0700 (PDT)
X-Authentication-Warning: above.proper.com: majordom set sender to
owner-ietf-mxcomp(_at_)mail(_dot_)imc(_dot_)org using -f
Received: from pacbell.net (adsl-64-168-75-162.dsl.snfc21.pacbell.net
[64.168.75.162])
by above.proper.com (8.12.11/8.12.9) with SMTP id i3T20iKU067750
for <ietf-mxcomp(_at_)imc(_dot_)org>; Wed, 28 Apr 2004 19:01:02 -0700 (PDT)
(envelope-from hkatz(_at_)exchange(_dot_)microsoft(_dot_)com)
Yeah, right. When was the last time Harry Katz posted from a pacbell
DSL connection?
Too bad exchange.microsoft.com doesn't publish strict C-ID or SPF
information and imc.org doesn't check such stuff. Either one would
have caught this forgery.
Anybody have any idea who posted this crud?
-wayne