spf-discuss
[Top] [All Lists]

Re: [spf-discuss] Question about SPF1 on FROM: address

2006-03-16 22:13:35
On Thu, 16 Mar 2006, Hector Santos wrote:

So why should this email be accepted if the FROM: field has a Restrictive
SPF policy?

Because SPF policies don't apply to the FROM: field.  They only apply
to MAIL FROM.

How does Sender-ID/PRA make this different or how would it apply?

Sender-ID/PRA DOES applies to the FROM: field (in conjunction with
other 2822 fields according to a patented algorithm).

Is this an example of the "Conflict?" of SPF1 vs SPF2.0?  In other words,
what would Manuel do to make this SPF setup work right for this type of
"forwarding?"

Yes, applying the SPF policy to the FROM: field will incorrectly
flag the message as "forged" according to sender policy - when in
fact the sender policy says no such thing.

Manuel doesn't need to do anything (except that it sounds like
his message wasn't appreciated).  SPF was working fine - the MAIL FROM was not
forged.  If you don't like the kind of mail email-newsletter-link.com
sends, then blacklist that domain.  The restrictive SPF policy assures
that they weren't joe-jobbed.

Manuel could also publish a policy about how his domains could be
used in FROM: and related headers by publishing an spf2.0/pra policy.
Then you could check whether his PRA was forged (which could be the FROM: 
or some other field depending on the patented algorithm).

He could also publish his MFROM policy as a spf2.0 record, but not 
as many receivers would be looking for it there.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.



-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

<Prev in Thread] Current Thread [Next in Thread>