ietf-mxcomp
[Top] [All Lists]

Re: SPF abused by spammers

2004-09-17 14:40:24

 "Alan DeKok" replied:


"Chris Haynes" <chris(_at_)harvington(_dot_)org(_dot_)uk> wrote:
My understanding is that SPF records declare the policy of the
_sender_.  If the sender trusts the shared MTA to verify all
originators and to prevent cross-customer spoofing, then the sender
can use something like '+mx -all' and the receiver should respect
the sender's trust in the shared MTA s/he uses.

  In that case, the recipient has checked with the originator, and has
information by which to decide whether or not to trust the shared MTA.

Yes - that's the way SPF works as it uses Mail-From.



  And yes, "originator trusts the shared MTA" still may mean that "the
message may be spoofed".  This indicates a weakness in any MAIL FROM
authentication. when shared MTA's are used.


When I say "originator trusts the shared MTA" I mean "trusts the shared MTA to
have authenticated and identified the sender of each message (using SMTP AUTH or
equivalent),  and to have applied whatever logic is needed to prevent spoofing,
i.e. to ensure, for every message, that the sender is authorised to use the
'Mail-From' of that message".

If the originator's trust in the MTA' s ability to prevent spoofing is
well-founded, than the message cannot be spoofed, and Mail-From can be trusted.
(barring IP address spoofing, DNS penetration, physical penetration of MTA etc.
etc. - which are factors to be listed in the "Security Considerations").

I can't understand the basis of your concern about a "weakness in any MAIL
FROM..." .


Chris