spf-discuss
[Top] [All Lists]

RE: spf entries for which hosts ???

2004-10-11 17:55:15
I like this idea: "report=postmaster+spf(_at_)%{d}".
I would want to specify what email address to use.  Not just take some
default.

You got my vote!

Guy

-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of Meng 
Weng Wong
Sent: Monday, October 11, 2004 5:44 PM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] spf entries for which hosts ???

On Mon, Oct 11, 2004 at 01:40:00PM -0600, Commerco WebMaster wrote:
| 
| FOR OTHER LIST MEMBERS: I am interested in knowing if some of the AV plug 
| in vendors also have plans for direct support of SPF.  I ask because such 
| support should make SPF deployment and acceptance at the MTA level 
| easier.  If so, could we consider adding a switch which might cause said
AV 
| plug in software to either send or not send a message back to the domain 
| owner regarding the misuse of their name by another party?  While it is
the 
| purpose of SPF to stop the domain name from being misused, it might also
be 
| useful for evidence gathering purposes to have data points documenting 
| misuse when gathering evidence for any other actions a domain owner might 
| want bring against individual(s) attempting to misuse their domain name in

| email spam.  A switch mechanism here makes it easy for a domain owner to 
| decide on how they might choose to actively learn of or not learn of such 
| identity theft events taking place.  With something like the "v=spf1 -ALL"

| syntax, the AV plug in would presume that the owner wants confirmation of 
| abuse as opposed to "v=spf1 NOCONFIRM -ALL" were they would not.  Perhaps 
| the attorneys on this list might want to comment on the usefulness of or 
| logic error being made in implementing this as regards evidence gathering 
| procedures.  Any thoughts on this would be appreciated.
| 
| In any case, getting back to Margrit's question, just like MX records, it 
| is through the information you publish in a specially formatted DNS based 
| TXT record that this processing can take place.

There are two ways to report this information back to domain
owners: they can use an "exists" for logging, or they can
help develop a reporting syntax, eg. v=spf1 -all report=postmaster+spf(_at_)%{d}

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta features
SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your
subscription, 
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com