Re: consensus call on pra/mailfrom deployment and versioning/scope

ietf-mxcomp

Re: consensus call on pra/mailfrom deployment and versioning/scope

2004-09-08 12:15:26


On Wed, 2004-09-08 at 11:19, Yakov Shafranovich wrote:

Jim Fenton wrote:

At 11:45 AM 9/8/2004 -0400, Meng Weng Wong wrote:

Step 2: HELO bob.mta MAIL FROM:<alice> SUBMITTER=<bob> RCPT
TO:<robert> DATA Resent-From: <bob>

At step 2, the receiver can apply spf/HELO tests (or SPF Lite or
CSV or even IP based whitelisting) to bob.mta, and approve the
forwarder based on that.

The receiver can also apply spf/SUBMITTER tests to <bob>, and
approve the forwarder based on that.


Wouldn't this require a PRA check to verify that SUBMITTER is
consistent with the message headers, and wouldn't that be encumbered?


No, SUBMITTER would be compared against the Sender-ID records directly 
without touching the headers.


This means there would be no record which identity was used to permit
the message.  What an ideal way to spoof.

-Doug

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: consensus call on pra/mailfrom deployment and versioning/scope, (continued) Re: consensus call on pra/mailfrom deployment and versioning/scope, Tony Finch Re: consensus call on pra/mailfrom deployment and versioning/scope, Yakov Shafranovich Re: consensus call on pra/mailfrom deployment and versioning/scope, Andrew Newton Re: consensus call on pra/mailfrom deployment and versioning/scope, Yakov Shafranovich Re: consensus call on pra/mailfrom deployment and versioning/scope, Rand Wacker Re: consensus call on pra/mailfrom deployment and versioning/scope, Andrew Newton Re: consensus call on pra/mailfrom deployment and versioning/scope, Rand Wacker Re: consensus call on pra/mailfrom deployment and versioning/scope, Meng Weng Wong Re: consensus call on pra/mailfrom deployment and versioning/scope, Jim Fenton Re: consensus call on pra/mailfrom deployment and versioning/scope, Yakov Shafranovich Re: consensus call on pra/mailfrom deployment and versioning/scope, Douglas Otis <= Re: consensus call on pra/mailfrom deployment and versioning/scope, Yakov Shafranovich Re: consensus call on pra/mailfrom deployment and versioning/scope, Douglas Otis Re: consensus call on pra/mailfrom deployment and versioning/scope, Yakov Shafranovich Re: consensus call on pra/mailfrom deployment and versioning/scope, Matt Sergeant Re: consensus call on pra/mailfrom deployment and versioning/scope, Douglas Otis Re: consensus call on pra/mailfrom deployment and versioning/scope, Koen Martens Re: consensus call on pra/mailfrom deployment and versioning/scope, Wietse Venema Re: consensus call on pra/mailfrom deployment and versioning/scope, Tripp Cox Re: consensus call on pra/mailfrom deployment and versioning/scope, Yakov Shafranovich Re: consensus call on pra/mailfrom deployment and versioning/scope, Ryan Ordway

Previous by Date:	Re: consensus call on pra/mailfrom deployment and versioning/scope, Andrew Newton
Next by Date:	Re: consensus call on pra/mailfrom deployment and versioning/scope, Andrew Newton
Previous by Thread:	Re: consensus call on pra/mailfrom deployment and versioning/scope, Yakov Shafranovich
Next by Thread:	Re: consensus call on pra/mailfrom deployment and versioning/scope, Yakov Shafranovich
Indexes:	[Date] [Thread] [Top] [All Lists]