spf-discuss
[Top] [All Lists]

Where "We" went wrong - "Forwarding problem" revisited

2005-05-10 06:11:52
From the last council meeting:

21:19   <freeside> had a chat with mark lentczner a few months ago about
                   what we would've done differently.
21:20     <Julian> "we"?
21:20   <freeside> one thing he mentioned was that it might be a good
                   idea to leave out the "-all" completely.
21:20      <MarkK> O?
21:20   <freeside> in other words, if we, the spf community, had just
                   focused on making assertions for when you do know
                   it's from the sender --- ie. all the positive
                   mechanisms, like ip4, mx, a, etc.
21:21     <Julian> I doubt that's what most of the community want.
21:21   <freeside> and then remaining mum about explicitly denying
                   forgeries --- eg. "if it didn't match, well, we're
                   not saying it's from us, and we're not saying it's
                   not, so you draw your own conclusions"

What I would have done differently is to place more emphasis on
administrators needing to control their e-mail infrastructure.  At all
points in an e-mail's transmission, onward routing is either under the
control of the sender or the receiver.  The point where control transfers is
the one and only one point where SPF checks can and should be done.

At that point, the transmitting MTA should be described in the sender's SPF
record and the receiving MTA can reliably check it.  From that point on,
there is some kind of ongoing relationship and trust.

Whether a forwarder re-writes Mail-From as a convenience to the next
receiving MTA or the next receiving MTA whitelists that forwarder is not
material to the question of trust (WRT forgery).  SRS, local whitelist,
trusted-forwarder.org, or some combination, it doesn't matter.  This point
about checking at the spot where responsibility shifts has been discussed,
but doesn't seem to be crystal clear.

Much as SPF record publishing requires sending organizations to understand
their outbound mail architecture (and many didn't before) and get it under
control, SPF record checking requires receiving organizations to understand
their inbound mail architecture and get it under control.

Many organizations will complain that either of these tasks is to hard.  If
it is, then they shouldn't do SPF.

If this had been clearer from the beginning, then I think much less would
have been made of the forwarding problem.

Scott Kitterman



<Prev in Thread] Current Thread [Next in Thread>