spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [spf-discuss] Yet another attempt to fix forwarding

2008-02-03 05:53:45
from [Alessandro Vesely] [Permanent Link] 
David MacQuigg wrote:

At 10:49 AM 2/2/2008 +0100, Alessandro Vesely wrote:

If the original sender provides no signature, it is difficult to
discover that a trusted forwarder has become a spammer. We should
devise a technique for detecting if a message has not actually been
forwarded. Checking a random sample may suffice. Any idea?


Seems to me that once a forwarding relationship has been properly
established between two Agents, the only responsibility of the
downstream Agent is to not allow forgery of a specific connection (
Forwarder ID, RCPT Address ).  If the authorized Forwarder itself is
bad, the Recipient must take action.
So you're basically saying that it's up to recipients to delete any forwarding that starts delivering just spam. Probably that's better than any complicated cross checking that might be devised. Checking that the deletion of a forwarding is being honored is one stringent test that can be carried out to maintain a forwarder's trustworthiness.
In addition, a forwarder may reserve a different name (or IP) for forwarding messages signed by some previous hop, thereby allowing the "MDA" to check them while the forwarding relationship is operative. Such possibility may or may not be relevant or not for the downstream agent. 


           |-------- Recipient's Network ---------|
      /
 --> / --> Receiver/Forwarder ~~> MDA ==> Recipient
    /
  Border

If the downstream Agent does not accept this responsibility (my MDA
does not), the same result can be achieved by just keeping your mailbox
address secret.  My MDA address has a few random digits known only to
my Forwarders.  It has been operating for months with no problem.
I know what you mean. However, that only works for a particular setup. Even in your case, a good FF implementation might provide the added functionality of a centralized forwarders management, seamlessly integrating forwarders and mailing lists, irrespective of the number of hops they are far from the final recipient. 

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription: 
http://v2.listbox.com/member/?member_id=2183229&id_secret=93139966-742c8e
Powered by Listbox: http://www.listbox.com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [spf-discuss] Re: Beginners questions about SPF, Alessandro Vesely
Next by Date:  Re: [spf-discuss] Yet another attempt to fix forwarding, Stuart D. Gathman
Previous by Thread:  Re: [spf-discuss] Yet another attempt to fix forwarding, David MacQuigg
Next by Thread:  Re: [spf-discuss] Yet another attempt to fix forwarding, Stuart D. Gathman
Indexes:  [Date] [Thread] [Top] [All Lists]