
Re: [spf-discuss] Fw: SRS vs BATV

2006-02-17 16:18:57
On Sat, Feb 18, 2006 at 07:00:40AM +1300, Craig Whitmore wrote:

Point A = it's a valid Callback. (No DATA)
Point B = it's a bounce (as there is DATA) that I did not send as
          It is being sent to a non BATV encoded RCPT TO

ok ... let's see if I understand now

The callback is possibly testing something other than the "MAIL FROM:"
If the caller wants to test "MAIL FROM:" it may have to go as far as
DATA.  That's why?

Is the callback enshrined as an actual standard somewhere, or is it
just a hack on the expected behaviour of SMTP?

Observations:

If a recipient misunderstands this and implements a callback testing
something other than MAIL FROM: and goes all the way to DATA, they
might then reject some of your mail (incorrectly, but perhaps at too
great an inconvenience to you).

I suppose if that were a problem you could just eat the bounce and not
tell the sender (instead of rejecting after DATA), not that this seems
to do anyone else any favours, but then if you're implementing something
like SES you could also provide a more lightweight way of checking,
and SPF could cover all the cases except forwarding.

The way that checking the envelope with this is more expensive than
checking 822 addresses bothers me slightly, and I would have bet there 
are some who'd reject at point A, so those kinds of 822 checks are
going to be error-prone anyway (if they're used to influence the
SMTP conversation rather than as, say, inputs to SA/bayes).  Or maybe
I'm just wrong about this, dunno.

If I'm right, and there are significant populations of different and
(sometimes) incompatible anti-spam systems (and that seems to fit with
my observations and the reports of others), then perhaps some values
of right turn out to be a study in how those populations evolve.

Imagine, say, that 822 checking CBV systems become extinct (for whatever
reason), then there would be an advantage to rejecting earlier.
Conversely, proliferation of the (broken) CBV of 822 through to DATA
might favour the eat the bounce strategy. And there might even be mixtures
which would tend to stable proportions.

Maybe they could recognize each other by a kind of geekcode in DNS
describing their anti-spam strategies ... :)

Regards,
Paddy
-- 
Perl 6 will give you the big knob. -- Larry Wall
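
The Point A / Point B distinction quoted at the top of this message, sketched as an added example that is not part of the original post or of any BATV implementation. The tag layout is a simplified BATV-style scheme, and the key, validity window, reply texts and function names are all assumptions made for illustration.

```python
import hashlib
import hmac
import re

KEY = b"constructed-demo-key"   # constructed secret, illustration only
WINDOW_DAYS = 7                 # assumed lifetime of a tag
# Simplified layout (assumption): prvs=<3-digit day><6 hex of HMAC>=<local>@<domain>
TAGGED = re.compile(r"prvs=(\d{3})[0-9a-f]{6}=(.+)@([^@]+)", re.ASCII)


def tag(local, domain, day):
    """Return the tagged envelope sender used on outgoing mail."""
    day %= 1000
    msg = f"{day:03d}{local}@{domain}".encode()
    mac = hmac.new(KEY, msg, hashlib.sha1).hexdigest()[:6]
    return f"prvs={day:03d}{mac}={local}@{domain}"


def tag_is_valid(rcpt, today):
    """True if rcpt carries a tag we issued within WINDOW_DAYS."""
    m = TAGGED.fullmatch(rcpt)
    if not m:
        return False
    day, local, domain = int(m.group(1)), m.group(2), m.group(3)
    fresh = (today - day) % 1000 <= WINDOW_DAYS   # day counter wraps at 1000
    expected = tag(local, domain, day)
    return fresh and hmac.compare_digest(expected.encode(), rcpt.encode())


def null_sender_session(rcpt, sends_data, today):
    """Replies given to a MAIL FROM:<> transaction, as (command, reply) pairs."""
    replies = [("MAIL FROM:<>", "250 OK"),
               (f"RCPT TO:<{rcpt}>", "250 OK")]   # Point A: always accepted
    if not sends_data:
        return replies          # callback: the client quits before DATA
    if tag_is_valid(rcpt, today):
        replies.append(("DATA", "354 go ahead"))  # bounce of mail we sent
    else:                                         # Point B
        replies.append(("DATA", "550 bounce for mail we did not send"))
    return replies


if __name__ == "__main__":
    for rcpt in ("paddy@example.org", tag("paddy", "example.org", 196)):
        for sends_data in (False, True):
            print(rcpt, sends_data, null_sender_session(rcpt, sends_data, 198)[-1])
```

A callback that stops after RCPT TO is accepted whether or not the recipient is tagged, which is why the rejection has to wait until DATA.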
