spf-discuss

RE: Electronic Frontier Foundation (EFF) Article On Anti-Spam Technologies Mentions SPF

2004-11-18 14:36:42
-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com 
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of Dave 
Crocker
Sent: donderdag 18 november 2004 18:00
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] Electronic Frontier Foundation 
(EFF) Article On Anti-Spam Technologies Mentions SPF

> On Thu, 18 Nov 2004 17:23:10 +0100, Alex van den Bogaerdt wrote:
>> I get the feeling you think false positives are possible with SPF.
>
> As has happened to me several times over the last few weeks,
> I needed to use machines and networks that were not in my
> regular set. This meant using MTAs that were not in my
> regular set. Some were public kiosks and some were friends'
> PCs, where I set the rfc2822.From field to be my address.
>
> All of the messages from those situations would be assessed
> as "unauthorized" and therefore would be falsely rejected.

Most certainly not. If you have not authorized your friend's pc
to relay mail on behalf of your domain name, and you published
"-all", then SPF rejected your message for the exact right reason.
In fact, you should worry if SPF had done something else.

If that scenario bothers you, then either publish "?all", or
include your friend's pc in your set of authorized relays.

> I need to send a message urgently. It's really important.

Then use SMTP AUTH (preferably on port 587). Then you can connect
to your OWN relay, from a remote location, and get an SPF "pass"
because of being authenticated by a trusted mechanism.

> I ask to send a message from their PC, and set the rfc2822.From field
> to be my actual email address.

In short, you did precisely what SPF is supposed to prevent: domain
spoofing in MAIL FROM (assuming your friend's relay did not rewrite
your envelope-from to a 'local' SRS domain). And SPF caught you doing
it. Rejoice! This is what you wanted (according to your published policy).

- Mark 
 
        System Administrator Asarian-host.org
 
---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx
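As an added illustration (not code from the spf-discuss list or from either poster), the following small Python SPF evaluator runs over constructed DNS records and reproduces the outcomes Mark describes: a friend's PC that is not an authorized relay gets "fail" under "-all" and "neutral" under "?all", while a message submitted through the domain's own relay (which is where SMTP AUTH on port 587 would land you) gets "pass". It goes slightly beyond the thread by also handling the "a" and "include" mechanisms. The domain names, hostnames, IP addresses and records are placeholders I made up; the real specification (RFC 7208) has further mechanisms (mx, ptr, exists, redirect) that are deliberately left out here.

```python
"""Minimal SPF policy evaluator for the scenario in the thread.

Added example, not code from the spf-discuss list or from any poster.
All records, hostnames and addresses below are constructed placeholders.
"""
import ipaddress

# Constructed "DNS": domain -> SPF TXT record, hostname -> A record.
SPF_RECORDS = {
    # Strict policy: only the listed relay and mail.example.org may send.
    "example.org": "v=spf1 ip4:192.0.2.10 a:mail.example.org -all",
    # Lenient policy: unknown senders are "neutral" instead of "fail".
    "soft.example": "v=spf1 ip4:192.0.2.10 ?all",
    # Outsourced sending: borrow example.org's authorized hosts.
    "outsourced.example": "v=spf1 include:example.org -all",
}
A_RECORDS = {"mail.example.org": "192.0.2.25"}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_host(ip, domain, depth=0):
    """Return the SPF result for connecting IP `ip` using MAIL FROM `domain`."""
    if depth > 10:                      # guard against include: loops
        return "permerror"
    record = SPF_RECORDS.get(domain)
    if record is None:
        return "none"                   # domain publishes no policy
    terms = record.split()
    if terms[0].lower() != "v=spf1":
        return "none"
    addr = ipaddress.ip_address(ip)
    for term in terms[1:]:
        qualifier = "+"                 # mechanisms default to "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name == "all":
            return QUALIFIERS[qualifier]
        if name == "ip4":
            if addr in ipaddress.ip_network(arg, strict=False):
                return QUALIFIERS[qualifier]
        elif name == "a":
            target = arg or domain
            if target in A_RECORDS and ipaddress.ip_address(A_RECORDS[target]) == addr:
                return QUALIFIERS[qualifier]
        elif name == "include":
            # include: matches only when the referenced policy says "pass"
            if check_host(ip, arg, depth + 1) == "pass":
                return QUALIFIERS[qualifier]
        else:
            return "permerror"          # mechanism not supported here
    return "neutral"                    # no mechanism matched, no "all"


def mta_decision(result):
    """What a receiving MTA that enforces SPF does with each result."""
    return "reject (550 5.7.1)" if result == "fail" else "accept"


if __name__ == "__main__":
    # Friend's PC (198.51.100.7) sending with a strict sender domain.
    print(check_host("198.51.100.7", "example.org"))      # fail
    # Same PC, sender domain that published "?all".
    print(check_host("198.51.100.7", "soft.example"))     # neutral
    # Own relay reached via SMTP AUTH on port 587.
    print(check_host("192.0.2.10", "example.org"))        # pass
```

The "fail" for the friend's PC is exactly the behaviour the published "-all" asks for; changing the record to "?all", or adding that host to the record, is what changes the outcome, not anything on the receiving side.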

