spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [spf-discuss] Re: MS Puts SID Patents Under Open Specification Promise

2006-10-31 22:24:48
from [Scott Kitterman] [Permanent Link] 
On Tuesday 31 October 2006 22:53, Devin Ganger wrote:

On 10/31/06 9:34 PM, "Scott Kitterman" <scott(_at_)kitterman(_dot_)com> wrote:


On Tuesday 31 October 2006 22:18, Devin Ganger wrote:

 

Can you be more precise? Are you saying that MS implementations (such as
Exchange) do PRA checks on v=spf1 records instead of MAIL FROM checks, or
are you saying that they do PRA checks on v=spf1 records for Hotmail/MSN?

 

It's both.


Wow. That's completely in violation of the way MS's own documentation
describes their Sender ID implementation working.

Does anybody have any pointers to constructing a test case that can clearly
demonstrate this? If I have time, I'd love to be able to get a working demo.
Conferences love a good show and tell.


Something like this:

spf.example.com  IN TXT "v=spf1 a:example.com -all"
nospf.example.com - NO TXT record

Construct a mail message as follows:

Mail From: testuser(_at_)nospf(_dot_)example(_dot_)com
....

From: testuser(_at_)nospf(_dot_)example(_dot_)com
Sender: testuser(_at_)spf(_dot_)example(_dot_)com

Send it to an Exchange box with the MS SID implementation enabled.  I expect 
you will get a SID PASS result.  This shows v=spf1 used for PRA.

Then try:

Mail From: testuser(_at_)nospf(_dot_)example(_dot_)com
....

From: testuser(_at_)spf(_dot_)example(_dot_)com
Sender: testuser(_at_)nospf(_dot_)example(_dot_)com

Expected result is NONE.  This shows why PRA is useless (most MUAs don't 
display sender).

Then try:

Mail From: testuser(_at_)spf(_dot_)example(_dot_)com
....

From: testuser(_at_)spf(_dot_)example(_dot_)com
Sender: testuser(_at_)nospf(_dot_)example(_dot_)com

This should remain none.  This shows Mail From not checked.

Finally try:

Mail From: testuser(_at_)spf(_dot_)example(_dot_)com
....

From: testuser(_at_)spf(_dot_)example(_dot_)com

This should get a SID pass and reinforce it's just PRA they are doing.

Scott K

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [spf-discuss] Re: MS Puts SID Patents Under Open Specification Promise, Frank Ellermann
Next by Date:  [spf-discuss] Re: [Fwd: Re: DNSOP Agenda for San Diego (IETF 67)], Frank Ellermann
Previous by Thread:  Re: [spf-discuss] Re: MS Puts SID Patents Under Open Specification Promise, Devin Ganger
Next by Thread:  Re: [spf-discuss] Re: MS Puts SID Patents Under Open Specification Promise, Devin Ganger
Indexes:  [Date] [Thread] [Top] [All Lists]