spf-discuss

Re: header algorithm for responsible sender selection

2004-02-14 00:34:23
On Thu, 12 Feb 2004, Greg Connor wrote:
Here is a crazy idea... one that might take care of both aspects.  What
if the SPF draft said something like this:

If the envelope sender is checked by SPF and the result is "pass" or
"unknown", the headers of the message SHOULD be checked to see if they
match the envelope sender.  The SPF-checked envelope sender should match
the "header sender" as determined by this process (*insert process
here*)

--Shevek <spf@anarres.org> wrote:
This would break SRS and forwarding.

I don't think messing with MUAs is a good idea. A large part of the
strength of this scheme is that it can be implemented on individual MTAs
without affecting the rest of the world. I have one domain with an SPF
record but no MTA implementation, and another with an MTA implementation
but no SPF record. Once we start requiring "everyone, including Microsoft
and Cisco" to do something, it won't happen.


Actually I think we are in agreement here, though the overall tone of your message suggests that you disagree. So, please let me know if I didn't understand you correctly.

My point was that we can't depend on the MUA to show us anything having to do with SPF. Can't and shouldn't. Eventually MUAs will come around IF SPF is proved to be a good thing and comes into wide use.

BUT, can we think of another way to warn the user of a possible forgery? My feeling is that SPF should warn the user if the message is accepted by SPF based on the invisible envelope sender or the nearly-invisible Return-Path, but the From and Sender are totally different. This comes back to the topic of messages like this:
 MAIL FROM: bad@spammer.com
 DATA
 From: service@paypal.com
 Subject: Your account is expiring

Is there any interest in warning the user in a case like this? If so, what do people think about the idea of altering the display name in From: or altering the Subject:?

Again, forgive me if I missed something important in the thread. The subject line was "header algorithm for responsible sender selection" - I immediately jumped to the conclusion that the "responsible sender in the headers" was either an alternate address for SPF to check, or that it was being compared to the envelope sender to ensure consistency. So, my intention was to steer the discussion AWAY from making requirements for the MUA (for the reasons you suggest) but still provide suggestions on how we can warn the user of a problem regardless of MUA.

Yes I realize that SRS changes the envelope sender. Would this also be reflected in the headers somewhere? Obviously this approach needs fine-tuning, but I want to get an idea of whether people think altering the From or Subject to make SPF status and warnings more visible is a good idea.  Feedback welcome...

--
Greg Connor <gconnor@nekodojo.org>
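The envelope-versus-header comparison and the Subject:/From: tagging proposed in this post, as an added example written for this page (not code from the list or from any SPF implementation). The "responsible sender" selection order (Sender: before From:), the tag wording and the sample message are assumptions made here; the SPF result is taken as an input, since the check runs after the MAIL FROM lookup.

```python
"""Added example: flag messages whose SPF-checked envelope sender does not
match the visible From:/Sender: headers, and make that visible to any MUA."""
import email
from email.message import Message
from email.utils import parseaddr

# Constructed sample mirroring the forged-PayPal case in the post.
FORGED = b"""From: service@paypal.com
Subject: Your account is expiring

Please log in to keep your account active.
"""


def domain_of(addr: str) -> str:
    """Lower-cased domain part of an address, '' if there is none."""
    return parseaddr(addr)[1].rpartition("@")[2].lower()


def header_sender(msg: Message) -> str:
    """The 'responsible sender' a reader sees. Assumption for this example:
    Sender: (the relaying party, e.g. a list) wins over From: when present."""
    return msg.get("Sender") or msg.get("From") or ""


def annotate(raw: bytes, envelope_sender: str, spf_result: str):
    """Return (mismatch, msg). As in the quoted draft text, only a 'pass' or
    'unknown' envelope result triggers the header comparison; a mismatch is
    written into Subject: and the From: display name so that an MUA with no
    SPF support of its own still shows the warning."""
    msg = email.message_from_bytes(raw)
    if spf_result not in ("pass", "unknown"):
        return False, msg  # rejection or other handling happens elsewhere
    env_dom = domain_of(envelope_sender)
    hdr_dom = domain_of(header_sender(msg))
    # Null sender (<>) bounces carry no envelope domain to compare against.
    # Caveat raised in the post: SRS and other forwarders rewrite the envelope
    # sender, so legitimately forwarded mail will also be flagged here.
    if not env_dom or env_dom == hdr_dom:
        return False, msg
    subject = msg.get("Subject", "")
    del msg["Subject"]
    msg["Subject"] = f"[SPF: envelope {env_dom} != header {hdr_dom}] {subject}"
    name, addr = parseaddr(msg.get("From", ""))
    del msg["From"]
    msg["From"] = f'"SPF WARNING: {name or addr}" <{addr}>'
    return True, msg
```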