ietf-mxcomp
[Top] [All Lists]

RE: What Meng said

2004-08-13 17:15:48

Harry,

If one goes to:

http://www.anti-spamtools.org/SenderIDEmailPolicyTool/Default.asp
x

A wizard has been set up to assist folks in publishing what
is called an 'E-mail policy document' which can be used by
people who have implemented Sender-ID

I found this link by going to:

http://www.microsoft.com/mscorp/twc/privacy/spam_senderid.mspx

(It is referenced under related links.)

If you run through the wizard, at the last page, you will
find the following statement:

Your E-Mail Policy Document must be published in DNS
records of type TXT in the subdomain "_ep" under your
domain. Consult the documentation of your DNS
administration tools for further details on publishing this.

It is my understanding:

* the marid protocol for SPF (to be renamed Sender-ID) does
not require publishing the 'E-Mail Policy Document' in the
subdomain "_ep." 

* this is a carry over from the Caller-ID protocol.

* with the merger of SPF and Sender-ID this requirement was
dropped

With the media drive now underway to get the word out about
Sender-ID:

* if people go to the SPF site they will receive one
instruction for publishing an Sender Policy Framework in
DNS records of type TXT;

* if people go to the anti-spamtools.org site, people are
going to be lead to believe they have to publish their
'E-Mail Policy Document' in DNS records of type TXT in the
subdomain "_ep."

With the ongoing issue of a change in version string and
whether you have to publish one or two records, this raises
concerns.

I am not wanting to suggest any malice on anyone's part. 

I suspect what happened is that someone in setting up the
wizard simply read the wrong document.

If you scroll down the page at:

http://www.microsoft.com/mscorp/twc/privacy/spam_senderid.mspx

you will note that the: 

Sender ID Draft Specification: MTA Authentication Records
in DNS" 

is the version dated June 23, 2004 which is now out of date.

Can we get this rectified so that the wizard is based on
the most recent version of the protocol? 

Otherwise I suspect people are going to be publishing the
wrong records in the wrong place.

John

P.S. I also note the following additional statements on
this page:

http://www.microsoft.com/mscorp/twc/privacy/spam_senderid.mspx

concerning the wizard.

Note: This tool is in beta, pending IETF approval. SPF
records created with this tool will require later revisions.

To check for the SPF record in incoming mail, your ISP or
system administrator will need to update to Sender
ID–compliant software to check for the Purported
Responsible Address (PRA) of incoming mail.

If you are a software developer and are interested in
implementing the PRA check in your software, please review
the terms of the Caller ID for E-Mail implementation
license agreement before you begin. Please note that
Microsoft does not require a license agreement for
individuals, companies, or ISPs who wish only to publish
their Sender ID SPF text records.

I simply reference this material in passing.

John Glube
Toronto, Canada

The FTC Calls For Sender Authentication
http://www.learnsteps4profit.com/dne.html


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.734 / Virus Database: 488 - Release Date: 04/08/2004
 



<Prev in Thread] Current Thread [Next in Thread>