Andre Kirchner wrote:
1. Is there a SPF server where a domain must register its mail
server and email addresses?
No. There's an FAQ on <http://www.openspf.org> and a dedicated
SPF Help list (just replace "discuss" by "help" in the address).
You put sender policies in DNS records (TXT and/or the new SPF
record type) at your domain provider - where you have all your
other DNS records, MX, A, etc.
2. An email server that received a message from aaa(_at_)yyy(_dot_)com,
and uses sender ID framework (SIDF) to authenticate messages.
While SenderID (PRA) uses the same syntax as SPF for policy
records, the semantics is rather different, SenderID (PRA) is
not directly related to SMTP, it is based on email headers.
Will it compare the hostname of the email server of domain
yyy.com (which is mailserver.yyy.com) with the hostname
name registered in a SPF server?
I fear none of the SPF lists can answer what SenderID (PRA)
checking servers generally do. As far as they follow the
PRA specification they figure out a PRA in the email header
(an address in the From / Sender / Resent header fields as
specified in RFC 4407), take the RHS (domain) of this PRA,
fetch a SenderID PRA policy DNS record (using the strategy
defined in RFC 4408 for SPF), evaluate it (again doing what
SPF would do), and get a result PASS / FAIL / NEUTRAL / ...
3. I have a hotmail account, and I know Hotmail uses SIDF
to authenticate messages.
Better ask them what they do, it might be unrelated to both
SenderID (PRA) or SPF. If you dig in the SPF HELP archive
you find that the operations of hotmail were a big mystery.
I receive a message from viff(_at_)viff(_dot_)org, but viff.org does
not have a SPF record
FWIW they also have no SenderID (PRA) policy.
How did Hotmail authenticated it?
Why do you think they did, did the viff.org mail arrive with
a Received-SPF header field in your hotmail inbox ?
4. I used the following commands to send me a message, but
didn't receive it. Why did I received this message from
viff(_at_)viff(_dot_)org, but not the following one?
testing.com also has no SPF or FWIW SenderID (PRA) policy.
Did hotmail accept your test mail ? You only showed one
direction of the telnet session, not the hotmail replies.
Frank
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
http://v2.listbox.com/member/?member_id=2183229&id_secret=93031685-b82370
Powered by Listbox: http://www.listbox.com