[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SPF abused by spammers

To: ietf-mxcomp@xxxxxxx
Subject: Re: SPF abused by spammers
From: "Alan DeKok" <aland@xxxxxx>
Date: Fri, 17 Sep 2004 16:54:30 -0400
In-reply-to: Your message of "Fri, 17 Sep 2004 20:18:45 BST." <>
List-archive: <http://www.imc.org/ietf-mxcomp/mail-archive/>
List-id: <ietf-mxcomp.imc.org>
List-unsubscribe: <mailto:ietf-mxcomp-request@imc.org?body=unsubscribe>
Sender: owner-ietf-mxcomp@xxxxxxxxxxxx

"Chris Haynes" <chris@xxxxxxxxxxxxxxxxx> wrote:
> My understanding is that SPF records declare the policy of the
> _sender_.  If the sender trusts the shared MTA to verify all
> originators and to prevent cross-customer spoofing, then the sender
> can use something like '+mx -all' and the receiver should respect
> the sender's trust in the shared MTA s/he uses.

  In that case, the recipient has checked with the originator, and has
information by which to decide whether or not to trust the shared MTA.

  And yes, "originator trusts the shared MTA" still may mean that "the
message may be spoofed".  This indicates a weakness in any MAIL FROM
authentication. when shared MTA's are used.

  Alan DeKok.

Follow-Ups:
- Re: SPF abused by spammers
  - From: Chris Haynes

References:
- Re: SPF abused by spammers
  - From: Chris Haynes

Prev by Date: RE: Patent Application 683624
Next by Date: RE: TECH-ERROR: SenderID sets recomendation for forwarders that are not compatible with RFC 2822
Previous by thread: Re: SPF abused by spammers
Next by thread: Re: SPF abused by spammers
Index(es):
- Date
- Thread