spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Global whitelist: wl.trusted-forwarder.org

2003-10-16 15:37:59
from [Meng Weng Wong] [Permanent Link] 
On Thu, Oct 16, 2003 at 04:49:07PM -0500, wayne wrote:
| 
| Option two:  Domain owners could add "!dnsl:wl.trusted-forwarder.org"
| to their SPF specs.  They could also add any other DNSWLs that they
| trust to be well maintained.
| 

This would be the preferred option; hardcoding things into libraries is
so blah.  On one hand it'll be hard to get domains to add that to their
lookups; on the other hand I worry about the VeriSign scenario.  Is
there a better way?

In an ideal world we could give the "legit forgers" a clearly defined
termination date by which time they have to switch to a new way of doing
things.  Until that date we'd all do "softdeny" instead of "deny".  But
that's not realistic.  Tough problem.

Also, finding out who the legit forwarders are, and reaching and
educating them, will be a challenge.  We need the media on our side.
The philly.com "email me this article" isn't such a big deal but people
really care about eBay.

                                 * * *

BTW, I am renaming the "dnsl" mechanism to save a byte or two.

The new name is "PI".

It stands for "reversed IP".

No, really!

                                 * * *

Latest news: I am publishing new-style records locally to test the new
version of Mail::SPF::Query against.  In TinyDNS I have:

'policy._smtp_client.01.spf1-test.mailzone.com:v=spf1                           
                                  :60
'policy._smtp_client.02.spf1-test.mailzone.com:v=spf1                           
                  default=deny    :60
'policy._smtp_client.03.spf1-test.mailzone.com:v=spf1                           
                  default=softdeny:60

'policy._smtp_client.05.spf1-test.mailzone.com:v=spf1                           
                  default=bogus   :60
'policy._smtp_client.06.spf1-test.mailzone.com:v=spf1                           
                  default=unknown :60
'policy._smtp_client.07.spf1-test.mailzone.com:v=spf2                           
                  default=bogus   :60

'policy._smtp_client.10.spf1-test.mailzone.com:v=spf1 mx                        
                  default=softdeny:60
'policy._smtp_client.11.spf1-test.mailzone.com:v=spf1    mx:pobox.com           
                  default=softdeny:60
'policy._smtp_client.12.spf1-test.mailzone.com:v=spf1 mx mx:pobox.com           
                  default=softdeny:60
'policy._smtp_client.13.spf1-test.mailzone.com:v=spf1    mx:pobox.com 
mx:fallback-relay.pobox.com default=softdeny:60
'policy._smtp_client.14.spf1-test.mailzone.com:v=spf1 mx mx:pobox.com 
mx:fallback-relay.pobox.com default=softdeny:60

'policy._smtp_client.20.spf1-test.mailzone.com:v=spf1 a                         
                  default=softdeny:60
'policy._smtp_client.21.spf1-test.mailzone.com:v=spf1   a:pobox.com             
                  default=softdeny:60
'policy._smtp_client.22.spf1-test.mailzone.com:v=spf1 a a:pobox.com             
                  default=softdeny:60

'policy._smtp_client.30.spf1-test.mailzone.com:v=spf1 ptr                       
                  default=softdeny:60
'policy._smtp_client.31.spf1-test.mailzone.com:v=spf1     ptr:pobox.com         
                  default=softdeny:60
'policy._smtp_client.32.spf1-test.mailzone.com:v=spf1 ptr ptr:pobox.com         
                  default=softdeny:60

'policy._smtp_client.40.spf1-test.mailzone.com:v=spf1 pi                        
                  default=softdeny:60
'policy._smtp_client.41.spf1-test.mailzone.com:v=spf1    
pi:_smtp_client.pobox.com                default=softdeny:60
'policy._smtp_client.42.spf1-test.mailzone.com:v=spf1 pi 
pi:_smtp_client.pobox.com                default=softdeny:60

'policy._smtp_client.50.spf1-test.mailzone.com:v=spf1 include                   
                  default=softdeny:60
'policy._smtp_client.51.spf1-test.mailzone.com:v=spf1 include:pobox.com         
                  default=softdeny:60

'policy._smtp_client.60.spf1-test.mailzone.com:v=spf1 scope                     
                  default=softdeny:60
'policy._smtp_client.61.spf1-test.mailzone.com:v=spf1 scope=                    
                  default=softdeny:60
'policy._smtp_client.62.spf1-test.mailzone.com:v=spf1 scope=envelope            
                  default=softdeny:60
'policy._smtp_client.63.spf1-test.mailzone.com:v=spf1 scope=header-from         
                  default=softdeny:60
'policy._smtp_client.64.spf1-test.mailzone.com:v=spf1 scope=errors-to           
                  default=softdeny:60
'policy._smtp_client.65.spf1-test.mailzone.com:v=spf1 
scope=envelope,header-from                  default=softdeny:60
'policy._smtp_client.66.spf1-test.mailzone.com:v=spf1 scope=,header-from        
                  default=softdeny:60

'policy._smtp_client.70.spf1-test.mailzone.com:v=spf1 
LocalPart\072rlp\072+-(_at_)_smtp_local(_dot_)example(_dot_)com  
default=softdeny:60

You guys should be able to reach those from here.

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: new draft RFC: thoughts on localpart, Phil White
Next by Date:  Re: new draft RFC: thoughts on localpart, Meng Weng Wong
Previous by Thread:  Re: Global whitelist: wl.trusted-forwarder.org, wayne
Next by Thread:  Re: Global whitelist: wl.trusted-forwarder.org, wayne
Indexes:  [Date] [Thread] [Top] [All Lists]