spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[spf-discuss] Re: forwarded mail being bounced (by spf check)

2007-01-28 15:10:14
from [Julian Mehnle] [Permanent Link] 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dick St.Peters wrote:

Julian Mehnle writes:

Those are also the cases that are most relevant for the forwarder
being white-listed by the recipient.  If julian(_at_)mehnle(_dot_)net is the
"treasurer @organization.org", then he should trust organization.org
and not subject messages forwarded by them to SPF checking.  Problem
solved.


When technical people can all get their IP providers to provide
customized reverse DNS for their IPs, then I will believe that
non-technical users just might stand a chance of getting their mail
providers to provide forwarder whitelisting.

Your mail's headers say your mail originated at an IPv6 IP with
reverse DNS name cl-40.muc-02.de.sixxs.net.  Convince me that you
really wanted that particular reverse DNS name, and I will consider
that your "Problem solved" might be predictive.


If I want to exhibit my custom reverse DNS, I use 2001:a60:f01d::1 as the 
egress interface (instead of 2001:a60:f000:27::2, which is really just my 
IPv6 tunnel endpoint):

| $ dig -x 2001:a60:f01d::1 +sho
| gray.home6.mehnle.net.

Anyone can get an IPv6 subnet with reverse DNS delegated from SixXS[1] or 
Freenet[2] these days.


For the typical mail-forwarding case, the user:
    - doesn't know what it is he/she wants
    - doesn't have any idea how mail gets to him/her
    - doesn't know what an IP address is or what one is for
    - doesn't know what the internet is or that email traverses it


I never claimed that end-user education didn't play a role.  I just think 
this isn't something _we_ can do.  ESPs need to do it.  We need to get 
them to do it.

Forwarder white-listing could become very easy for end-users if a stan- 
dardized configuration protocol was developed.  See my original TENBOX 
proposal.


Expecting users to understand anything about how mail works is like
expecting drivers to understand what piston rings are for or telephone
users to know why their analog phone works when the power is off.


It's all a matter of what tools are available.

References:
 1. http://www.sixxs.net
 2. http://www.go6.net/4105/freenet.asp

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFFvR7KwL7PKlBZWjsRAmnLAKDHlqfFiqehUm2qWDisNj/lvKMZSQCeJOX1
vQpt23YG0X2zNXR2+SQ8cHo=
=vWjk
-----END PGP SIGNATURE-----

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to http://v2.listbox.com/member/?list_id=735
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [spf-discuss] Re: How does one distinguish between authorizing MAIL FROM and HELO, Scott Kitterman
Next by Date:  [spf-discuss] Re: Election issue: forwarding problem, Julian Mehnle
Previous by Thread:  Re: [spf-discuss] Re: forwarded mail being bounced (by spf check), Dick St.Peters
Next by Thread:  Re: [spf-discuss] forwarded mail being bounced (by spf check), David MacQuigg
Indexes:  [Date] [Thread] [Top] [All Lists]