John Kelly <jak(_at_)isp2dial(_dot_)com> writes:
On Wed, 22 Feb 2006 01:59:32 -0500, Mark Shewmaker
<mark(_at_)primefactor(_dot_)com> wrote:
However, you are free (other than possible patent concerns) to continue
using your chosen method of rejecting mail if you wish. Just don't
expect anyone to alter their published records in such a way as to make
your misinterpretation result in answers more in line with what you
want.
If senders want to get their mail thru, they will comply. They need
me more than I need them.
Careful what you wish for. Right now, a great many domains publish
v=spf1 records. This gives you information. In particular, it says,
"If my mail-from address is used by a client whose IP address I didn't
specify, you should reject the mail, because it is a forgery."
Unfortunately, you are taking that information out of context and
rejecting legitimate mail. As a domain owner, I can easily "comply"
with your mail server. All I have to do is delete my SPF record. But
if a lot of people do that, you'll lose information!
If you're looking for something that will help you reject forged mail
today, it's SPF, because that's what many sites have published in DNS.
Many fewer have published Sender-ID records. The best you can do is
to use the information that domain owners are actually supplying you,
not what you wish they were giving you! And there's software
available to let you do it. Here's a perl SPF sendmail milter:
http://srs-socketmap.info/spf/sendmail-milter-spf.pl
If you don't like perl, I've got a C++ implementation that acts as an
SMTP server wrapper around sendmail here:
http://www.mailavenger.org/
There are a bunch of other SPF implementations different MTAs
available here:
http://www.openspf.org/downloads.html
David
--
This message was sent from a non-repliable address for a closed mailing list.
If you wish to reply directly to me, you can use the following address, which
expires on 07 Mar 2006:
<mazieres-2vziqj4phwxkxxkrinrr44i6ia(_at_)temporary-address(_dot_)scs(_dot_)stanford(_dot_)edu>
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com