spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[spf-discuss] Re: SPF queries by a newbie

2006-11-15 13:27:02
from [Julian Mehnle] [Permanent Link] 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jon Grant wrote:

Julian Mehnle elucidated on 14/11/06 17:36:

Jon Grant wrote:

We are essentially hoping that other servers run SPF right? and if
we get an email from a server which isn't checking SPF do we have a
way to know that?


No.  But we can still do our own SPF checking, and if the forwarder
(here: Paypal) hasn't rewritten the sender address to be in their own
domain, there's a high probability that the SPF check will fail (and
rightly so).


Just to check I follow correctly. Do you mean "rewritten"? i didn't
think it was being changed from anything..


Yes, I mean they should rewrite the sender address to end in @paypal.com or 
something.


Now the problem is because Paypal are putting my own email address
in the from field...?


Absolutely, that's Paypal's fault.


I wonder how this message was generated by my ISPs mail server.  It
looks a bit unclear to me:


<jg(_at_)jguk(_dot_)org>: host rhea.easily.co.uk[212.53.64.82] said: 550 
"Mail
from jguk.org is denied from host 64.4.240.67 SPF" (in reply to RCPT
TO command)


I think something like: "Your machine 64.4.240.67
(smtp-outbound.nix.paypal.com) is not authorised to send email from
jg(_at_)jguk(_dot_)org (in reply to RCPT TO command)"


Right.


I forgot to ask, why did I receive the bounce email for Paypal's
mistake? (I had not expected to receive it now I have SPF setup on
jguk.org)  Is there a way to avoid getting it?  I presume their MTA
generated a fresh email or some such..?


rhea.easily.co.uk received a message from PayPal claiming to come from the 
domain jguk.org, which according to your SPF record, was not the case.  So 
rhea.easily.co.uk rejected the message.  Then PayPal generated the bounce 
message (AKA DSN) to jg(_at_)jguk(_dot_)org, because that's what PayPal had 
(illegi- 
timately) set as the envelope sender for its message, and the envelope 
sender is where bounces are sent.  Thus you received the bounce, which 
itself, by the definition of "bounce"/DSN, did have an empty envelope 
sender.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFW3eewL7PKlBZWjsRAjOSAJ410tzIsR6EvmieGc5f/ph6z3LsXACdH+Z2
/YMMM1DXsfh3i332FEPTfRU=
=Auae
-----END PGP SIGNATURE-----

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to http://v2.listbox.com/member/?list_id=735
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [spf-discuss] RPF explanation and examples, K.J. Petrie
Next by Date:  [spf-discuss] Re: RPF explanation and examples, Julian Mehnle
Previous by Thread:  Re: [spf-discuss] Re: SPF queries by a newbie, Jon Grant
Next by Thread:  Re: [spf-discuss] Re: SPF queries by a newbie, Jon Grant
Indexes:  [Date] [Thread] [Top] [All Lists]