-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
David MacQuigg wrote:
At 03:57 PM 3/12/2005 -0500, Stuart D. Gathman wrote:
On Fri, 11 Mar 2005, David MacQuigg wrote:
SPF checking for my account macquigg'at'pobox.com is ON. I believe
that was
the default, because I don't remember changing it. Messages that
fail an
SPF check are supposed to be bounced. As we found out before, that
is not
really happening. You are welcome to send me test messages if you
want to
experiment.
Looks like it is working now:
220 gold.pobox.com ESMTP Postfix
HELO mail.bmsi.com
250 gold.pobox.com
MAIL FROM: <stuart'at'bmsi.com>
250 Ok
RCPT TO: <dmq'at'pobox.com>
554 <dmq'at'pobox.com>: Recipient address rejected: spf returned DENY:
Please see
http://spf.pobox.com/why.html?sender=stuart'at'bmsi.com&ip=141.156.111.136&receiver=gold.pobox.com
I guess we shamed them into fixing it :-)
We still can't use them as our shining example, however. I just sent an
email from forged'at'pobox.com to dmq'at'bmsi.com and it sailed right
through. Checking pobox's SPF I see:
No valid SPF version 1 records found for pobox.com
I also noticed that amazon.com changed their SPF record from -all to
~all. Looks like bmsi is the only domain we can count on to demonstrate
SPF.
Try this game with moongroup.com!
- --
Chuck Mead <csm(_at_)redhat(_dot_)com>
Instructor II (and resident Postfix bigot), GLS
Disclaimer: "It's Thursday and my name is Locutus of B0rk!"
Addendum: "Bwahahaha! Fire up the orbital mind-control lasers!"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCNampZfy0juH51WsRAsLCAJ490Pa9qzzfiS/4K4SjEjdKHMDdrACfQI8T
eOp2OHdQN8jfBqy2x55azlU=
=0MG0
-----END PGP SIGNATURE-----