ietf-mxcomp
[Top] [All Lists]

RE: SPF abused by spammers

2004-09-16 14:23:41

-----Original Message-----
From: owner-ietf-mxcomp(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-mxcomp(_at_)mail(_dot_)imc(_dot_)org]On Behalf Of Alan 
DeKok
Sent: Thursday, September 16, 2004 4:33 PM
To: ietf-mxcomp(_at_)imc(_dot_)org
Subject: Re: SPF abused by spammers

  I'm not sure how any "MAIL FROM" checking can prevent spoofing on a
shared MTA.

  Alan DeKok.

I don't think it can.  That's why I give shared MTAs that I use a NEUTRAL
vice PASS result in my SPF records unless there are local restrictions to
prevent other customers of the MTA from using my "MAIL FROM".

What I can do with "MAIL FROM" checking is tell the world which MTAs are not
authorized through -all.

Personally, I would love to see some synergy between "MAIL FROM" and
SUBMITTER. If shared MTA operators would add SUBMITTER and an appropriate
2822 header field, then the result would be:

"MAIL FROM" - NEUTRAL (based on my domain)
SUBMITTER - PASS (based on the ISP domain).

This would mean, the domain owner says that the message is not certainly
forged and the MTA operator says it is accepting responsibility for the
message.  I would think that most people would accept this combination.  I
also think this is appropriate for shared MTAs because it is, in the end,
the operator of the MTA that is responsible for forgery it allows to happen.

Scott Kitterman