spf-discuss

Re: [spf-discuss] SPF TXT Questions re Effectiveness

2006-11-21 10:18:30
On Tue, 21 Nov 2006, George Hitz wrote:

    I found a white paper on SES protocol (dated 2004) so will
    try to understand that concept and see if it applies in my
    situation.  I don't think it does.

Here is how MAIL FROM signing works.  This example uses SRS in signing
mode.

Yesterday I sent an email with

MAIL FROM: <stuart(_at_)bmsi(_dot_)com>

My pysrs software changed that to:

MAIL FROM: <SRS0=809Ap=FA==stuart(_at_)bmsi(_dot_)com>

Now, should there be a delivery problem, the MTA detecting the problem
should send a DSN with 

MAIL FROM: <> 
RCPT TO: <SRS0=809Ap=FA==stuart(_at_)bmsi(_dot_)com>

When pysrs sees a DSN to a signed address, and the cookie matches a current
secret, the RCPT TO is reversed back to the original:

MAIL FROM: <> 
RCPT TO: <stuart(_at_)bmsi(_dot_)com>

and it gets delivered.

DSNs to unsigned RCPT TO, or cookie doesn't match (or is stale), are
rejected.  This gets rid of all the bounced forgeries and forged bounces.

That is all great.  The big weakness, however, is that too many IDIOTS
write MTA software and don't actually send DSNs.  They send auto-responses.
They will even send an auto-response to a DSN!  I've heuristically
identified some conditions which make me change the MAIL FROM to <>:

1. MAIL FROM is postmaster(_at_)(_dot_)(_dot_)(_dot_)
2. From: header field is postmaster(_at_)(_dot_)(_dot_)(_dot_) 
3. Content-type: header field has report-type=delivery-status

The problem with the last two is that it is too late to reject before DATA.
The problem with the first two is that postmaster *should* be able to send
email.  Sigh.

- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
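The signing-mode rewrite and the DSN check described in the post above, as an added Python example (not pysrs code and not from the original message). The cookie construction (truncated base64 HMAC-SHA1 over timestamp plus local part, 5 characters to match the shape of the post's address), the 21-day validity window, the list of rotating secrets and the `handle_rcpt` policy helper are assumptions modelled on the post.

```python
import base64
import hashlib
import hmac

_B32 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"  # SRS timestamp alphabet
MAX_AGE_DAYS = 21  # assumed validity window for a signed address

def _timestamp(now):
    """Two-char SRS timestamp: day count mod 1024, 5 bits per char."""
    days = int(now // 86400) % 1024
    return _B32[days >> 5] + _B32[days & 31]

def _timestamp_age(ts, now):
    """Days elapsed since the encoded day (mod 1024)."""
    encoded = _B32.index(ts[0].upper()) * 32 + _B32.index(ts[1].upper())
    return (int(now // 86400) % 1024 - encoded) % 1024

def _cookie(secret, ts, local, hashlen):
    """Assumed cookie: truncated base64 HMAC-SHA1 over timestamp + local part."""
    mac = hmac.new(secret.encode(), (ts + local).lower().encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode()[:hashlen]

def sign(local, domain, secret, now, hashlen=5):
    """Forward rewrite in signing mode: SRS0=<cookie>=<ts>==<local>@<domain>."""
    ts = _timestamp(now)
    return f"SRS0={_cookie(secret, ts, local, hashlen)}={ts}=={local}@{domain}"

def reverse(address, secrets, now, max_age=MAX_AGE_DAYS):
    """Undo the rewrite if the cookie matches any current secret; else raise."""
    local, _, domain = address.rpartition("@")
    if not local.startswith("SRS0="):
        raise ValueError("unsigned recipient")
    parts = local[5:].split("=", 3)
    if len(parts) != 4 or len(parts[1]) != 2 or not set(parts[1].upper()) <= set(_B32):
        raise ValueError("malformed SRS0 address")
    cookie, ts, orig_domain, orig_local = parts
    if _timestamp_age(ts, now) > max_age:
        raise ValueError("stale timestamp")
    for secret in secrets:  # several secrets allow key rotation
        if hmac.compare_digest(_cookie(secret, ts, orig_local, len(cookie)), cookie):
            return f"{orig_local}@{orig_domain or domain}"
    raise ValueError("cookie does not match")

def handle_rcpt(mail_from, rcpt_to, secrets, now):
    """Post's policy: a DSN (null MAIL FROM) is accepted only to a validly signed RCPT TO."""
    if mail_from != "":
        return ("accept", rcpt_to)  # ordinary mail, SRS does not apply
    try:
        return ("accept", reverse(rcpt_to, secrets, now))
    except ValueError as err:
        return ("reject", str(err))
```

A DSN to an unsigned address, a stale timestamp or a cookie that matches none of the current secrets is rejected at RCPT TO, before DATA, which is the point the post makes about DSNs versus auto-responses.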
