spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Multiple header entries

2004-12-01 10:24:04
from [terry] [Permanent Link] 
-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of Mark
Sent: Wednesday, December 01, 2004 12:05 PM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: RE: [spf-discuss] Multiple header entries



-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of 
Richard Bang
Sent: woensdag 1 december 2004 11:05
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: [spf-discuss] Multiple header entries

Hi,

What should be the policy if an MTA received a message with
an spf header already in it. Should it remove the header and add
its own, or just add a  new one and leave the original intact.
(I would assume the latter as it makes the processing history
more intact).


The 'official' status of the SPF-Received: header is a bit in limbo, I
believe. But like regular Received: headers, you could follow
the practice
of adding one 'on top', and leave the older ones be; like so:

Received-SPF: pass (asarian-host.net: domain of
listbox+trampoline+735+865569+5f71ec8d(_at_)v2(_dot_)listbox(_dot_)com 
designates
207.8.214.5 as permitted sender)
Received-SPF: pass (backbone.midwestcs.com: domain of midwestcs.com
designates 206.222.212.237 as permitted sender)
client-ip=206.222.212.237;
envelope-from=wayne(_at_)midwestcs(_dot_)com; helo=midwestcs.com;

Adding the hostname of the receiving machine ($j in sendmail)
right after
the first bracket makes for an easy history trail.

- Mark


But if one was not using SPF to do SMTP time rejection, but using the header in 
a scoring technique
(like spamassassin) isn't that likely to cause a problem, e.g. when your SPF 
check failed, but the
spammer stuck in a fake SPF pass header line:  The fake pass could negate the 
real fail, or the real
fail could even be superceded by the fake pass.

I would be more of a proponent of something like renaming the existing 
Received-SPF to
Old-Received-SPF.

Terry Fielder
Manager Software Development and Deployment
Great Gulf Homes / Ashton Woods Homes
terry(_at_)greatgulfhomes(_dot_)com
Fax: (416) 441-9085




        System Administrator Asarian-host.org

---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Read the whitepaper!  http://spf.pobox.com/whitepaper.pdf
To unsubscribe, change your address, or temporarily
deactivate your subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Ignoring rejected mail?, Hannah Schroeter
Next by Date:  Re: URGENT: Community Position on SenderID, Hannah Schroeter
Previous by Thread:  RE: Multiple header entries, Mark
Next by Thread:  RE: Multiple header entries, Mark
Indexes:  [Date] [Thread] [Top] [All Lists]