spf-discuss
[Top] [All Lists]

mail administrator certification example

2004-07-30 07:21:10
Below you can all see the spf records published by surgeweb.com. This is an
example of good intentions of a mail administrator trying to do the right
thing but lacking an understanding of the internet and ip space. You can see
that the spf records for ip is incorrect. the did not specify a boundary
when describing the class c range. They used .1 not .0. I have sent 2 email
to the postmaster informing of his error and either he did not receive the
emails, just ignored them or feel he is correct in his notation.

The end results is his spf records are useless as they do not parse
properly.


v=spf1 ip4:216.65.64.1/24 ip4:216.65.3.1/24 a:send1.surgeweb.com mx -all
----- Original Message ----- 
From: "wayne" <wayne(_at_)midwestcs(_dot_)com>
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Friday, July 30, 2004 8:01 AM
Subject: Re: [spf-discuss]


In <20040730043748(_dot_)0BE531A01F8(_at_)smtp-1(_dot_)hotpop(_dot_)com> 
"Shoaib"
<ssoomro_183(_at_)HotPOP(_dot_)com> writes:

Whats the basic difference b/w SPF and Sender ID?

The important differences between SPF and Sender ID are:

1) Microsoft has placed its backing with Sender ID, not SPF.

2) SPF checks the "envelope from" which is where bounces are sent to
   and part of the SMTP transaction while Sender ID checks various
   mail headers such as From:, Resent-Sender: and others.

3) Sender ID has had very little testing and the only data that has
   been published so far shows that hit has a much higher rate of
   incorrectly rejecting valid email.


Is Sender ID really needed when SPF is already available to tackle all
issues relating domain spoofing?

SPF doesn't tackle all issues related to domain spoofing since it
doesn't check the email headers such as the From: line.  How to do
this checking in a useful way is still, in my opinion, a very open
question.


-wayne

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Send us money!  http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com