On Tue, Aug 03, 2004 at 03:54:20PM +0200,
Daniel Gueniche <gueniche(_at_)grenoble(_dot_)cnrs(_dot_)fr> wrote
a message of 28 lines which said:
first, yes you are right, we should refuse mails from domains with no
A/MX records, we are going to fix it.
And the lame delegation to ns2.nic.fr, please.
~ % check_soa grenoble.cnrs.fr
ns2.nic.fr is not authoritative for grenoble.cnrs.fr
calypso.urec.cnrs.fr has serial number 2004072801
labs.grenoble.cnrs.fr has serial number 2004072801
secondly, in my mail, please read anti-virus and no anti-spam. I
mistyped, of course anti-spams do not send back mails, but
anti-virus do.
They are wrong, badly wrong, since almost all Microsoft worms use
forged email addresses.
We have sent a mail from reflector.grenoble.cnrs.fr (147.173.3.39)
simulating a mail from user(_at_)another(_dot_)existing(_dot_)domain(_dot_)
My question was
why SPF does not base its analyses on that IP address ?
It does. SPF uses the domain in the MAIL FROM for *identification* and
the IP address of the SMTP client for *authentication*.