spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [spf-discuss] SPF, DKIM, and NIH

2009-10-12 10:04:47
from [Michael Deutschmann] [Permanent Link] 
On Mon, 12 Oct 2009, Alessandro Vesely wrote:

Relayers are free to change the MAIL FROM:, and far from blocking them from
changing it, if they do change it this frees them to drop the signature
without consequence.


That's very easy to forge, though. As long as spammers sign correctly, 
[...]
generic forwarding-resistant solution that DKIM claims to be.


Yes, Envelope-DKIM permits the bad guys to do:

MAIL FROM: <evil(_at_)evil(_dot_)example(_dot_)org>
RCPT TO: <victim(_at_)victim(_dot_)example(_dot_)net>
DATA
DKIM-Signature: ... d=evil.example.org ...
From: First Bank of Erewhon <victims-bank(_at_)bank(_dot_)example(_dot_)com>
Subject: Urgent! Need to re-confirm your account
....

But, *so* *does* *SPF*.  And it's this very property that gives SPF its
immunity to mailing list FPs.

---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [spf-discuss] SPF, DKIM, and NIH, Alessandro Vesely
Next by Date:  Re: [spf-discuss] SPF, DKIM, and NIH, Scott Kitterman
Previous by Thread:  Re: [spf-discuss] SPF, DKIM, and NIH, Alessandro Vesely
Next by Thread:  Re: [spf-discuss] SPF, DKIM, and NIH, Scott Kitterman
Indexes:  [Date] [Thread] [Top] [All Lists]