David MacQuigg wrote:
At 01:06 PM 5/11/2005 -0700, William Leibzon wrote:
On Wed, 11 May 2005, David MacQuigg wrote:
I'm not assuming the problem is not inherent, or that somehow you can
check the RFC2822 name against an SPF1 record.
You can check any name you like against SPF1 record. Its rather the
question of results of such a check and if spf1 record was setup on
purpose to accomodate this check.
I agree. What I like about Wayne's new wording is that keeps a firm NOT
RECOMMENDED, yet allows other identities to be used under the right
conditions.
Without explicit approval of the record owner, checking other
identities against SPF version 1 records is NOT RECOMMENDED
This approval could be in the form of a clear, unambiguous declaration
of the sender's identity, with no conflicting requirements. OK:
"Hello, this is ebay.com, sending from <IP>. You can check that any way
you want."
No
It should be this is ebay.com connecting from <IP>
---> and then a DNS lookup on ebay.com reveals that the TXT record says
its SPF record can be used against other scopes.
It should never *ever* be the connecting MTA that says what scopes to
use, the whole point is that you cannot trust the connecting MTA (it
could very well be a lying forging spam relaying server or zombie)
Not OK: "Hello, our SUBMITTER name is ebay.com. You must use PRA to
check that."
And certainly not that either, but you cannot let the CONNECTING MTA
indicate what scope(s) to use, that should be indicated in the DNS
record you look up.
Terry
--
Dave
************************************************************ *
* David MacQuigg, PhD email: dmquigg-spf at yahoo.com * *
* IC Design Engineer phone: USA 520-721-4583 * * *
* Analog Design Methodologies * * *
* 9320 East Mikelyn Lane * * *
* VRS Consulting, P.C. Tucson, Arizona 85710 *
************************************************************ *
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Read the whitepaper! http://spf.pobox.com/whitepaper.pdf
To unsubscribe, change your address, or temporarily deactivate your
subscription, please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
--
Terry Fielder
terry(_at_)greatgulfhomes(_dot_)com
Associate Director Software Development and Deployment
Great Gulf Homes / Ashton Woods Homes
Fax: (416) 441-9085