Debian Developers - Re: SPF

This is Interesting: Free IT Magazines  
Home > Archive > Debian Developers > July 2004 > Re: SPF





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Re: SPF
Adam Majer

2004-07-24, 2:48 am

Erik Aronesty wrote:

>Isaac To <iketo2@netscape.net> wrote in message news:<2kYrZ-u1-3@gated-at.bofh.it>...
>
>
>
>That pdf didn't work for me. I read this instead.
>http://spf.pobox.com/srspng.html
>
>I was thinking that a spammer could creates an envelope address with
>"SRS0+hash=timestamp=aol.com=bob@throwawaydomain.com" and a From:
>bob@aol.com with valid SPF info in throwawaydomain.com.
>
>
>

Indeed. SRS breaks SPF. SPF seems to be good only for direct mailing
domains. It essentially breaks all lists.

I guess the only way to allow forwarding is for the MTA to sign each
outgoing message and then to publish the public key in the DNS. I don't
see another way around it.

- Adam

--
Building your applications one byte at a time
http://www.galacticasoftware.com



--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2009 webservertalk.com