spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: how to avoid receiving email w. sender forged to be a host in my domain

2004-08-11 22:59:37
from [Koen Martens] [Permanent Link] 
On Wed, Aug 11, 2004 at 10:52:05PM -0400, Tom wrote:

Well, this really has nothing to do with spf, but all of my A records were 
being ignored. After I commented out the wildcard TXT entry, everything 
started working again. I know BIND has a bug that causes problems if the 
last record is a TXT record, perhaps I stubbled upon another bug. I didn't 
go through the motions of diagnoising it because I was more interested in 
getting my DNS server back up and running.


Just curious what version of bind you are using, because I never
experienced this 'bug' you think you have found (also using bind here).
Are you sure you didn't put a typo in the zone file, which would render
the entire zone unusable?


The real question I was asking here is what would happen if a third level 
domain has no DNS records (assuming the MTA doesn't throw it away for that 
first)?

Example:

spammer_(_at_)_fakesub(_dot_)mydomain(_dot_)org

If there are no DNS records (spf or otherwise) for fakesub.mydomain.org, 
what happens then? Are spf records for mydomain.org still ignored in this 
case?


If a TXT lookup of _fakesub.mydomain.org (ignoring that the _ is not
allowed iirc) does not return a spf TXT, no spf will be checked.
However, if there's no dns record at all for the domain, most modern mta's
will (should?) reject anyway.

Koen

-- 
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta features 
SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

Attachment: pgpeEbM0q3Ryb.pgp
Description: PGP signature

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: how to avoid receiving email w. sender forged to be a host in my domain, Tom
Next by Date:  Re: how to avoid receiving email w. sender forged to be a host in my domain, Len Conrad
Previous by Thread:  Re: how to avoid receiving email w. sender forged to be a host in my domain, Tom
Next by Thread:  Re: how to avoid receiving email w. sender forged to be a host in my domain, Tom
Indexes:  [Date] [Thread] [Top] [All Lists]