
RE: [spf-discuss] SPF TXT Questions re Effectiveness

2006-11-22 15:57:09
On Wed, 22 Nov 2006, Seth Goodman wrote:

> Stuart D. Gathman wrote on Wednesday, November 22, 2006 10:38 AM -0500:
>
> > BTW, another important reason for recognizing lame "DSN"s, is that
> > they are often sent in response to a CBV.  I use SRS to store the
> > original sender in various header fields, one or more of which are
> > usually spit back in the lame "DSN".  I can then blacklist the
> > original sender.  I.e., the recipient didn't really exist in the
> > CBV.
>
> I'm trying to understand when this happens.  Who does the CBV and for
> what address?  The MTA that receives the CBV sends a DSN even though
> you don't go on to DATA?  If so, there's no harm in rejecting it.

It's when I'm sending a real DSN as the CBV, because a message
is quarantined, for instance, and SPF is none/neutral/pass.  (Mail
that silently disappears is bad.)  If the original sender doesn't
exist, they are added to a blacklist so that any further mail (allegedly)
from that sender is immediately rejected.  Other real DSNs are for
softfail (sender is requesting debugging feedback) and permerror
(includes diagnostic message for invalid SPF record).  Configurable
on a per-domain basis with defaults.  All DSNs and CBVs are cached
and rate limited.  All real DSNs contain the original sender, SRS signed, 
in multiple header fields, so that lame failure DSNs that are sent instead 
of rejecting can let me blacklist the original sender.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
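
The mechanism described in the message above, as an added sketch that is not part of the original post and not the poster's code: the original sender is signed into more than one header field of an outgoing DSN, and a later free-form "lame" bounce is scanned for a token whose signature verifies before the sender is blacklisted. The token layout is SRS-like but simplified and not compatible with real SRS libraries; `SECRET`, `LOCAL_DOMAIN`, the `X-Original-Sender` header name and all addresses are assumptions.

```python
import hashlib
import hmac
import re
from email.message import EmailMessage

SECRET = b"constructed-demo-key"   # assumption: per-site signing secret
LOCAL_DOMAIN = "mx.example.net"    # assumption: the domain our DSNs are sent from
TOKEN_RE = re.compile(
    r"SRS0=([0-9a-f]{8})=([^=\s@<>]+)=([^@\s<>]+)@" + re.escape(LOCAL_DOMAIN))

def _mac(domain, local):
    """Truncated HMAC binding the token to one specific original sender."""
    msg = f"{domain.lower()}={local}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()[:8]

def sign_sender(addr):
    """Encode the original sender as a signed, SRS-like token."""
    local, domain = addr.rsplit("@", 1)
    return f"SRS0={_mac(domain, local)}={domain}={local}@{LOCAL_DOMAIN}"

def build_dsn(original_sender, reason):
    """Build a DSN that carries the signed sender in several header fields,
    because a lame bounce usually echoes only some of them."""
    token = sign_sender(original_sender)
    dsn = EmailMessage()
    dsn["From"] = f"postmaster@{LOCAL_DOMAIN}"
    dsn["To"] = original_sender
    dsn["Subject"] = "Delivery status: message quarantined"
    dsn["Message-ID"] = f"<{token}>"
    dsn["X-Original-Sender"] = token   # hypothetical header name
    dsn.set_content(reason)
    return dsn

def recover_sender(raw_bounce):
    """Return the original sender from any token in the bounce text whose
    signature verifies; unsigned or altered tokens are ignored."""
    for digest, domain, local in TOKEN_RE.findall(raw_bounce):
        if hmac.compare_digest(digest, _mac(domain, local)):
            return f"{local}@{domain}"
    return None

def handle_lame_dsn(raw_bounce, blacklist):
    """Blacklist the sender only when the bounce proves it refers to our DSN."""
    sender = recover_sender(raw_bounce)
    if sender:
        blacklist.add(sender.lower())
    return sender
```

Verifying the signature before blacklisting is what keeps a third party from sending fabricated bounces to get an arbitrary address blocked.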
