On Tuesday 31 October 2006 22:53, Devin Ganger wrote:
On 10/31/06 9:34 PM, "Scott Kitterman" <scott(_at_)kitterman(_dot_)com> wrote:
On Tuesday 31 October 2006 22:18, Devin Ganger wrote:
Can you be more precise? Are you saying that MS implementations (such as
Exchange) do PRA checks on v=spf1 records instead of MAIL FROM checks, or
are you saying that they do PRA checks on v=spf1 records for Hotmail/MSN?
It's both.
Wow. That's completely in violation of the way MS's own documentation
describes their Sender ID implementation working.
Does anybody have any pointers to constructing a test case that can clearly
demonstrate this? If I have time, I'd love to be able to get a working demo.
Conferences love a good show and tell.
Something like this:
spf.example.com IN TXT "v=spf1 a:example.com -all"
nospf.example.com - NO TXT record
Construct a mail message as follows:
Mail From: testuser(_at_)nospf(_dot_)example(_dot_)com
....
From: testuser(_at_)nospf(_dot_)example(_dot_)com
Sender: testuser(_at_)spf(_dot_)example(_dot_)com
Send it to an Exchange box with the MS SID implementation enabled. I expect
you will get a SID PASS result. This shows v=spf1 used for PRA.
Then try:
Mail From: testuser(_at_)nospf(_dot_)example(_dot_)com
....
From: testuser(_at_)spf(_dot_)example(_dot_)com
Sender: testuser(_at_)nospf(_dot_)example(_dot_)com
Expected result is NONE. This shows why PRA is useless (most MUAs don't
display sender).
Then try:
Mail From: testuser(_at_)spf(_dot_)example(_dot_)com
....
From: testuser(_at_)spf(_dot_)example(_dot_)com
Sender: testuser(_at_)nospf(_dot_)example(_dot_)com
This should remain none. This shows Mail From not checked.
Finally try:
Mail From: testuser(_at_)spf(_dot_)example(_dot_)com
....
From: testuser(_at_)spf(_dot_)example(_dot_)com
This should get a SID pass and reinforce it's just PRA they are doing.
Scott K
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com