spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: using received headers to determine sending mta

2005-01-12 09:53:59
from [Dan Field] [Permanent Link] 
If we are using the latest received header (The last MTA to handle the 
message), then trust should be ok shouldn't it?

E.g.

This message has:

Received: from apex.listbox.com ([207.8.214.5]) by 
gateway.netserver.accessemedia.com with Microsoft SMTPSVC(6.0.3790.211);
         Wed, 12 Jan 2005 16:45:12 +0000
Received: from localhost.localdomain (localhost [127.0.0.1])
        by apex.listbox.com (Postfix) with ESMTP id 729CB4D9F4
        for <dan(_dot_)field(_at_)accessemedia(_dot_)com>; Wed, 12 Jan 2005 
11:45:10 -0500 (EST)
Received: from smarthost4.mail.uk.easynet.net (smarthost4.mail.uk.easynet.net 
[212.135.6.14])
        by portent.listbox.com (Postfix) with ESMTP id 2FDB697EE5
        for <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>; Wed, 12 Jan 2005 
11:44:30 -0500 (EST)
Received: from [62.53.0.15] (helo=ringo)
        by smarthost4.mail.uk.easynet.net with smtp (Exim 4.10)
        id 1Colbb-0003tW-00
        for spf-discuss(_at_)v2(_dot_)listbox(_dot_)com; Wed, 12 Jan 2005 
16:44:23 +0000
Message-ID: <0eb901c4f8c5$f16d89b0$0200000a(_at_)ringo>

So, the last step was the first line above:

Received by gateway.netserver.accessemedia.com (My exchange server here) from 
207.8.214.5... so if i were to SPF check 207.8.214.5 to see if it is permitted 
to send as 
owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com(_dot_)(_dot_)(_dot_) isn't 
this ok?

Dan


-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of Chris 
Haynes
Sent: 12 January 2005 16:44
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] using received headers to determine sending
mta


 "Dan Field" asked:



What are the problems with using a message headers "Received" lines to

determine the sending MTA and then perform a SPF lookup on that?


Thanks,

Dan



I can think of three reasons:

1)  There is no standard format for Received,

2)  Can you trust whoever purported to add that header to the message?

3)  If inspected long after reception, there can be problems with lack of
knowledge of subsequent changes in the SPF record in the DNS

Doubtless others will think of further reasons.

Chris Haynes


-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Read the whitepaper!  http://spf.pobox.com/whitepaper.pdf
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Read the whitepaper!  http://spf.pobox.com/whitepaper.pdf
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: using received headers to determine sending mta, Chris Haynes
Next by Date:  Re: using received headers to determine sending mta, jpinkerton
Previous by Thread:  Re: using received headers to determine sending mta, Chris Haynes
Next by Thread:  Re: using received headers to determine sending mta, Chris Haynes
Indexes:  [Date] [Thread] [Top] [All Lists]