On Mon, Oct 11, 2004 at 01:40:00PM -0600, Commerco WebMaster wrote:
|
| FOR OTHER LIST MEMBERS: I am interested in knowing if some of the AV plug
| in vendors also have plans for direct support of SPF. I ask because such
| support should make SPF deployment and acceptance at the MTA level
| easier. If so, could we consider adding a switch which might cause said AV
| plug in software to either send or not send a message back to the domain
| owner regarding the misuse of their name by another party? While it is the
| purpose of SPF to stop the domain name from being misused, it might also be
| useful for evidence gathering purposes to have data points documenting
| misuse when gathering evidence for any other actions a domain owner might
| want bring against individual(s) attempting to misuse their domain name in
| email spam. A switch mechanism here makes it easy for a domain owner to
| decide on how they might choose to actively learn of or not learn of such
| identity theft events taking place. With something like the "v=spf1 -ALL"
| syntax, the AV plug in would presume that the owner wants confirmation of
| abuse as opposed to "v=spf1 NOCONFIRM -ALL" were they would not. Perhaps
| the attorneys on this list might want to comment on the usefulness of or
| logic error being made in implementing this as regards evidence gathering
| procedures. Any thoughts on this would be appreciated.
|
| In any case, getting back to Margrit's question, just like MX records, it
| is through the information you publish in a specially formatted DNS based
| TXT record that this processing can take place.
There are two ways to report this information back to domain
owners: they can use an "exists" for logging, or they can
help develop a reporting syntax, eg. v=spf1 -all report=postmaster+spf(_at_)%{d}