spf-discuss
[Top] [All Lists]

Re: SPF is not usable as legal measure against spammers

2004-07-17 12:02:53
administrator(_at_)yellowhead(_dot_)com wrote:

Forgive my ignorance, but what good is that? It has absolutely nothing to
do with the the domain that sent the email. If I was a zombied machine
spewing out garbage using whatever for a domain name in the HELO, MAIL
FROM:, and From:, how would checking the PTR record
(207-34-104-6.ip.cal.radiant.net) against the "A" record [207.34.104.6]
provide any useful information?

'ptr' is just a list of IP addresses (controlled by the domain owner and his
Internet provider). This list is all IP addresses pointed to by A records in
the domain's zone. If the domain owner can say "all these IP addresses are
authorized to send mail from my domain", then he can put "ptr" in the SPF
record.

For example if foo.com has following DNS records:
mx1.foo.com. A 192.168.1.1
smtp.foo.com. A 192.168.1.2

then "ptr:foo.com" matches only if the mail came from 192.168.1.1 or
192.168.1.2 and only if the reverse lookup results in a domain name ending
with "foo.com".

If the zombie machine at 207.34.104.6 says "MAIL 
FROM:<(_dot_)(_dot_)(_dot_)(_at_)foo(_dot_)com>, then
"ptr:foo.com" does not match.

If you have no use for the 'ptr' mechanism, then don't put it in your SPF
record.

Roger