spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[spf-discuss] Standard header for trusted forwarder?

2005-10-30 17:28:52
from [Stuart D. Gathman] [Permanent Link] 
I have just implemented trusted forwarders.  I want to know if there is
a "standard" 2822 header for the feature.  So you know what I am talking
about, let me gives some details.  As I described earlier,
the connection is checked against SPF for each forwarder, as in
the following simple Python implementation (inefficient for more than a
few forwarders):

    for tf in trusted_forwarder:
      q = spf.query(self.connectip,'',tf,receiver=receiver,strict=False)
      res,code,txt = q.check()
      if res == 'pass':
        self.log("TRUSTED_FORWARDER:",tf)
        break
    else:
      q = spf.query(self.connectip,canon_from,self.hello_name,
          receiver=receiver,strict=False)
      q.set_default_explanation(
        'SPF fail: see http://openspf.com/why.html?sender=%s&ip=%s' % (q.s,q.i))
      res,code,txt = q.check()

Here is an example from the log:

2005Oct30 18:57:47 [7] connect from rebelsm100.careerbuilder.com at 
('66.179.14.164', 1754) EXTERNAL
2005Oct30 18:57:47 [7] hello from apply.cbdr.com
2005Oct30 18:57:48 [7] mail from <SwtsCaramel3(_at_)aol(_dot_)com> 
('SIZE=84276',)
2005Oct30 18:57:48 [7] TRUSTED_FORWARDER: careerbuilder.com
2005Oct30 18:57:48 [7] Received-SPF: pass (mail.jsconnor.com: domain of 
careerbuilder.com designates 66.179.14.164 as permitted sender) 
client-ip=66.179.14.164; envelope-from=postmaster(_at_)careerbuilder(_dot_)com; 
helo=careerbuilder.com;
2005Oct30 18:57:48 [7] rcpt to <cleom(_at_)jsconnor(_dot_)com> ()
2005Oct30 18:57:48 [7] Subject: CareerBuilder Job Application (BA003321)
2005Oct30 18:57:48 [7] X-Mailer: aspNetEmail ver 2.0.0.514
2005Oct30 18:57:48 [7] eom

Although careerbuilder.com, in addition to forging MFROM, has
no SPF record, I have a local SPF database which lists their record
for SPF checkers I administer as:

careerbuilder.com IN TXT "v=spf1 ptr ?all"

The trusted forwarder is documented via the Received-SPF header.  
However, I am thinking of adding a header that is clearer as to
what has happened.  For instance:

X-Trusted-Forwarder: careerbuilder.com

Is there a header in use already that I should adopt?

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [spf-discuss] Standard header for trusted forwarder?, Stuart D. Gathman <=
Previous by Date:  Re: [spf-discuss] Re: Weird spf record, Alex van den Bogaerdt
Next by Date:  Re: [spf-discuss] Weird spf record, Scott Kitterman
Previous by Thread:  [spf-discuss] Your message to support(_at_)ebay(_dot_)com was not received (KMM193296648V92914L0KM), eBay Customer Support
Next by Thread:  [spf-discuss] the SPF website domain name, wayne
Indexes:  [Date] [Thread] [Top] [All Lists]