spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: DM News says: MSN requires Sender ID Authentication

2005-06-24 12:08:21
from [Hector Santos] [Permanent Link] 

From: "Ralf Doeblitz" <list+spf-discuss(_at_)doeblitz(_dot_)net>


Second,  this was relaxed with RFC 2822, the current
standard, by removing the To: requirement:



0822 Standard for the format of ARPA Internet text messages. D.
     Crocker. Aug-13-1982. (Format: TXT=109200 bytes) (Obsoletes RFC0733)
     (Obsoleted by RFC2822) (Updated by RFC1123, RFC1138, RFC1148,
     RFC1327, RFC2156) (Also STD0011) (Status: STANDARD)

2822 Internet Message Format. P. Resnick, Ed.. April 2001. (Format:
     TXT=110695 bytes) (Obsoletes RFC0822) (Status: PROPOSED STANDARD)


Not sure why you posted this?

822 and 2822 behaviors are correct.  But 2822 is now considered the current
standard for email format which obseles RFC 822.  A pure 822 system is
pretty much considered a legacy system but it must be supported too.

If you were writing a SMTP system today, which would you use?


Neither living in nor caring about the USA: not at all.


But I bet you love MTV and Big Macs! :-)


BTW, your SendMail server accepted a no header input.



Welcome to my spam filter. ;-)

Yes, it was accepted and subsequently put into the junk bin. Recipient's
decision, not some entity during transport.


Ok cool!  It was delivered to the user.  The transport did not throw it
away.  The spam filter used a bad rule for the subject, but that's ok.   My
concerns is transport, delivery or bounce.
.

Is this system supporting PRA?



Not yet and no, but enforcing stricter conformance to RFC822 might
reject more spam, maybe I will reconfigure the system sometime.


hmmm I see you wrote RFC 822.   What about RFC 2822?   Don't you think you
will have 2822 based mail sent to you?  I think you will have alot of false
positives with a strict RFC822.

However, I have been noticing a growth of phishing mail with no TO: header
line. Required by 822,  not required by 2822.

Also, I saw something interested.....

| Received-SPF: pass (selene.escape.de: 217.13.70.153 is
|                       authenticated by a trusted mechanism)
| Received-SPF: fail (mx1.asco.de: domain
|                       of spf-discuss(_at_)winserver(_dot_)com does not
|                       designate 65.10.60.163 as permitted sender)

When I did that manual telnet from my home machine to your system and used
this spf-discuss(_at_)winserver(_dot_)com,   it should of rejected it based on 
my
WINSERVER.COM SPF policy.

I have a hard fail for winserver.com.  Why did you continue to accept it?

You must get a alot of spam! <g>

--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: DM News says: MSN requires Sender ID Authentication, Hector Santos
Next by Date:  Re: DM News says: MSN requires Sender ID Authentication, johnp
Previous by Thread:  Re: DM News says: MSN requires Sender ID Authentication, Ralf Doeblitz
Next by Thread:  Re: DM News says: MSN requires Sender ID Authentication, johnp
Indexes:  [Date] [Thread] [Top] [All Lists]