spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: review of the MS Caller-ID draft

2004-02-24 14:47:15
from [Meng Weng Wong] [Permanent Link] 
On Tue, Feb 24, 2004 at 03:44:30PM -0600, wayne wrote:
| 
| Without checking the envelope-from, you can't safely bounce email.  As
| far as I'm concerned, this is A Very Bad Thing.  Once you have a known
| good evelope-from, you can do lots of other stuff later on and bounce
| if you reject the email.
| 
| Caller-ID and DomainKeys both need something like SPF or SRS+callbacks
| to make them safe to use.
| 

Could someone please translate this into an SPF record?

The new Mail::SPF::Query is going to let people configure a list of
"pretend" records for domains that don't publish SPF but ought to.

A Perl script that does cid2spf would be even better.  Who's handy with
XML::Parser?

    20040224-16:46:10 mengwong(_at_)dumbo:~% dnstxt _ep.hotmail.com             
                                                                                
        <ep xmlns='http://ms.net/1' 
testing='true'><out><m><indirect>list1._ep.hotmail.com</indirect><indirect>list2._ep.hotmail.com</indirect><indirect>list3._ep.hotmail.com</indirect></m></out></ep>

    20040224-16:46:17 mengwong(_at_)dumbo:~% dnstxt _ep.list1._ep.hotmail.com
    <ep xmlns='http://ms.net/1' 
testing='true'><out><m><r>209.240.192.0/19</r><r>65.52.0.0/14</r><r>131.107.0.0/16</r><r>157.54.0.0/15</r><r>157.56.0.0/14</r><r>157.60.0.0/16</r><r>167.220.0.0/16</r><r>204.79.135.0/24</r><r>204.79.188.0/24</r><r>204.79.252.0/24</r><r>207.46.0.0/16</r><r>199.2.137.0/24</r><r>199.103.90.0/23</r></m></out></ep>

    20040224-16:46:20 mengwong(_at_)dumbo:~% dnstxt _ep.list2._ep.hotmail.com
    <ep xmlns='http://ms.net/1' 
testing='true'><out><m><r>204.182.144.0/24</r><r>204.255.244.0/23</r><r>206.138.168.0/21</r><r>64.4.0.0/18</r><r>65.54.128.0/17</r><r>207.68.128.0/18</r><r>207.68.192.0/20</r><r>207.82.250.0/23</r><r>207.82.252.0/23</r><r>209.1.112.0/23</r><r>209.185.128.0/23</r><r>209.185.130.0/23</r><r>209.185.240.0/22</r></m></out></ep>

    20040224-16:46:23 mengwong(_at_)dumbo:~% dnstxt _ep.list3._ep.hotmail.com
    <ep xmlns='http://ms.net/1' 
testing='true'><out><m><r>216.32.180.0/22</r><r>216.32.240.0/22</r><r>216.33.148.0/22</r><r>216.33.151.0/24</r><r>216.33.236.0/22</r><r>216.33.240.0/22</r><r>216.200.206.0/24</r><r>204.95.96.0/20</r><r>65.59.232.0/23</r><r>65.59.234.0/24</r><r>209.1.15.0/24</r><r>64.41.193.0/24</r><r>216.34.51.0/24</r></m></out></ep>
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Possible SPF machine-domain loophole???, Theo Schlossnagle
Next by Date:  Re: how to protect the HELO using SPF, wayne
Previous by Thread:  Re: review of the MS Caller-ID draft, wayne
Next by Thread:  Re: review of the MS Caller-ID draft, wayne
Indexes:  [Date] [Thread] [Top] [All Lists]