spf-discuss
[Top] [All Lists]

Re: Sender ID in the news

2004-10-26 15:00:04
On Tue, 26 Oct 2004, Roger Moser wrote:

Meng Weng Wong wrote:

I gave him my opinion that it was a good thing that MS's PRA checks could
reuse v=spf1 records.

If for some reason a domain can do only SES (signed envelope sender) and
publishes the SPF record "v=spf1 exists:%{l}._ses.%{d} -all", then this
works ONLY for MAIL FROM. If a stupid MTA uses this SPF record for the PRA,
then it will always fail and all mail will be rejected.

Thank you Roger, for pointing that out.  I would like to reiterate
my desire (which doesn't seem to be shared by anyone else so far)
that any RFC2822 checks are based on the validated the 2821 MAIL FROM.
For instance, a 2822 sender policy should identify which MAIL FROM
domains and/or full addresses are permitted to originate mail for
the 2822 header domain.  I do not think a 2822 sender policy should
reference IP addresses and such low level 2821 things directly.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.


<Prev in Thread] Current Thread [Next in Thread>