spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [spf-discuss] http://senderid.espcoalition.org/

2006-02-04 03:46:37
from [Julian Mehnle] [Permanent Link] 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Craig Whitmore wrote:

I just tried http://senderid.espcoalition.org/ and I was wondering if
what they are doing is correct:

MAIL FROM: craig(_at_)spam(_dot_)co(_dot_)nz
PRA: craig(_at_)spam(_dot_)co(_dot_)nz
SPF-Record-Classic: v=spf1 ip4:219.88.242.0/27 -all
SPF-Record-MFROM Scope: v=spf1 ip4:219.88.242.0/27 -all
SPF-Record-PRA Scope: spf2.0/pra ip4:219.88.242.0/27 -all
[...]

They are testing for MFROM and PRA for SenderID. but using the v=spf1
record for the SPF-MFROM test
As I only put a spf2.0/pra it should NOT check for the SenderID MFROM at
all.


Sender-ID will always use "v=spf1" for MAIL FROM checking unless an 
existing "spf2.0" record has an "mfrom" scope.


Also they say (maybe incorrectly)
Senders should publish SPF-Records in version 1 or version 2 formats,
not both. The version 2 format was designed for senders who use
different domains in their PRA and MAIL FROM headers, or senders who do
not wish to define a policy for the SenderID-PRA-Method. Most senders
use the same domains in both and therefore should publish SPF-Records in
version 1 format only. Using version 2 of the SPF-Records, a sender can
specify whether the record provides information about domains found in
the MAIL FROM (MFROM) header (scope), the PRA header (scope) or both.
Senders may publish one SPF version 2 record for each scope.


This is Microsoft propaganda.  The version 2 format was _really_ just 
designed as an alibi so MS could get away more easily with abusing 
"v=spf1" records for PRA by saying that "v=spf1" users should publish 
"spf2.0" if they don't want their records to be abused for PRA.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFD5IXhwL7PKlBZWjsRAjHDAKCV5L9UYILqOhC+5WcXOkMLiNJ6pQCfWW5V
3s18aJhQgxnaln8WRpOxF9E=
=B3g/
-----END PGP SIGNATURE-----

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [spf-discuss] http://senderid.espcoalition.org/, Craig Whitmore
Next by Date:  [spf-discuss] Re: http://senderid.espcoalition.org/, Frank Ellermann
Previous by Thread:  [spf-discuss] http://senderid.espcoalition.org/, Craig Whitmore
Next by Thread:  [spf-discuss] Re: http://senderid.espcoalition.org/, Frank Ellermann
Indexes:  [Date] [Thread] [Top] [All Lists]