spf-discuss
[Top] [All Lists]

Re: Summary Please - where is SPF 1?

2004-10-28 08:43:14
On Thu, 2004-10-28 at 10:36, Michael Hammer wrote:

I guess I'm going to have to disagree with Meng and his belief that
there isn't a problem with applying (and evangelizing that this is ok)
PRA to SPF1 records.

Here is a link to a page on pobox holding up examples of how to do
things properly if you are a web generated emailer:

http://spf.pobox.com/webgenerated.html

Applying PRA to either of these approaches should cause mail to be
rejected by the recipient MTA if the domain of the true sender has
published an SPF1 record that makes any sense at all for protecting
the return path.


How so? PRA would end up using Sender header in the "This is better"
example, therefore it would check a record in egreetings.com DNS. PRA
would end up using From header in "This works too" case and therefore
use evite.com DNS.

What do you mean by "true sender"? If you mean the person causing the
invitations to go out, "user(_at_)example(_dot_)com", none of the return-path
values have example.com as a domain. example.com's SPF records would
never be checked.

What am I missing?

-- 
Jeff Macdonald <jmacdonald(_at_)e-dialog(_dot_)com>
E-Dialog