spf-discuss
[Top] [All Lists]

Re: .name help

2004-08-17 06:02:57
Ok, so you send mail through their servers.. Then obviously their servers 
should be in the spf record.. Is this some web-interface, or do you have their 
server in your mail server as outgoing SMTP host?? Is this SMTP-auth going on?

But you have published spf for the domain, so I assume you've got dns control?? 
In that case, why not set up your own mail server and circumvent this nasty 
bussniness with the .name registrar mail servers?

I think i'm still not quite understanding what is going on, but in case this is 
just a simple forwarding problem: forwarders will have to implement SRS or the 
receiver of the forwarded mail should whitelist the forwarder in their MTA spf 
checking setup.

Koen

On Tue, Aug 17, 2004 at 08:50:19AM -0400, Anthony DePinto wrote:
With the .name domains, all you can purchase/control is
firstname(_at_)firstname(_dot_)lastname(_dot_)name(_dot_)  The e-mail forward 
for
firstname(_at_)lastname(_dot_)name is controlled by the registrar itself so it
doesn't touch our servers at first.  If I send an e-mail from
anthony(_at_)idmi(_dot_)net, which is my address and we run SPF, to
firstname(_at_)lastname(_dot_)name it first goes to the registrar's mail 
server
which forwards it AS anthony(_at_)idmi(_dot_)net to
firstname(_at_)firstname(_dot_)lastname(_dot_)name so we reject it because 
the foreign
mail server is trying to send mail as myself.  Convoluted, so I hope
that made more sense.

I will have to look into SRS as I'm not familiar with that...

Thanks

-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of Koen 
Martens
Sent: Tuesday, August 17, 2004 8:38 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] .name help

On Tue, Aug 17, 2004 at 08:30:49AM -0400, Anthony DePinto wrote:
   I registered a .name domain some time ago.
[1]firstname(_at_)lastname(_dot_)name
   points  to  [2]firstname(_at_)firstname(_dot_)lastname(_dot_)name(_dot_) 
  This  worked
great
   until  we  set  up  SPF on our mail server.  Now when I send a
message
   from  [3]anthony(_at_)idmi(_dot_)net (my main address and the domain 
where SPF
is
   setup on), the .name registrar tries to forward the message for us
and
   it  gets  blocked  via  SPF as it should.  Is there anything the
.name
   registrar  can  do to "fix" this situation or will I have to add
their
   mail servers to my SPF records?

Wait, if you send mail from anthony(_at_)idmi(_dot_)net, why would it be 
forwarded?
You probably meant 'send mail TO anthony(_at_)idmi(_dot_)net' right? It's a 
bit
unclear how this construct you describe works, who is receiving the
mail? Why does a registrar forward mail _from_ someone?? Are you perhaps
using their mail server to send mail?

You could add their mail servers to your spf record, use the ? modifier
for that, since you are not the only one using those servers I imagine
(leaving a chance of forgery of your address).

Best thing would be for the forwarding server to implement SRS (see the
paper on www.libsrs2.org under Documentation).

Koen

--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/ Networking, embedded
systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program can't read? Visit
http://www.openpgp.org/

-------
Sender Policy Framework: http://spf.pobox.com/ Archives at
http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta
features SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your
subscription, please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta features 
SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

-- 
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta features 
SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

Attachment: pgpwOUgeOjAeL.pgp
Description: PGP signature

<Prev in Thread] Current Thread [Next in Thread>