On Wed, Mar 10, 2004 at 06:08:35PM -0600, Bob Apthorpe wrote:
> Hi,
>
> On Wed, 10 Mar 2004, Kelson Vibber wrote:
>
> > At 02:58 PM 3/10/2004, Mark C. Langston wrote:
> > >With SPF, I can decide whether or not MY domains use SPF. However, I have
> > >no control over whether the service currently providing my IP transit is
> > >using SPF, and thus whether any mail sent by me while using
> > >that transit is going to be affected by SPF (e.g., transparent proxies).
> >
> > I think you're misunderstanding something. The publishing side of SPF
> > resides solely in your DNS server. The verification side resides solely in
> > the receiving mail server. The outgoing SMTP server doesn't care about SPF.
>
> I believe that what Mark is getting at is that if
>
> - he prefers (say) to use his AOL address everywhere and
>
> - he sends mail using his AOL address through Earthlink's server, and
>
> - AOL publishes restrictive ("v=spf1 mx -all") SPF records

And

- Mark doesn't have any idea how to insert a "Reply-To:" header
in his email giving to his AOL address, or else his correspondents
use MTAs with no shred of support for this very ancient and
well-honored header.

...

> then any system that makes delivery determinations based on SPF would
> refuse, drop, or badly score his mail. Essentially, he's screwed because
> he doesn't control spoofing policy for his AOL address, AOL does. And
> that's a problem, at least for him and for everyone else relying on the
> current model of lax spoofing policy.

Unless he uses "Reply-To:" instead of attempting to spoof.

Am I missing something terribly obvious here? Mailing lists that
arrogate the destruction and replacement of existing "Reply-To:" headers?

--
Dan Wilder
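
Added example, not part of the original message: a minimal sketch of the check a receiving server makes in the scenario discussed above, evaluating the SPF record of the envelope sender's domain against the connecting IP (the "Reply-To:" header is never consulted). The domains `mailbox.example` and `isp.example`, the addresses, and the DNS tables are constructed stand-ins for the mailbox provider and the relaying ISP; only the `all`, `ip4`, `a` and `mx` mechanisms are handled.

```python
import ipaddress

# Constructed DNS data (documentation domains and addresses, not real records).
TXT = {
    "mailbox.example": "v=spf1 mx -all",  # the restrictive policy quoted in the thread
    "isp.example": "v=spf1 ip4:198.51.100.0/24 -all",
}
MX = {"mailbox.example": ["mx1.mailbox.example"]}
A = {"mx1.mailbox.example": ["192.0.2.10"], "mailbox.example": ["192.0.2.20"]}

RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def matches(mech, arg, domain, ip):
    """Return True when the connecting IP satisfies one SPF mechanism."""
    if mech == "all":
        return True
    if mech == "ip4":
        return ip in ipaddress.ip_network(arg, strict=False)
    if mech == "a":
        return str(ip) in A.get(arg or domain, [])
    if mech == "mx":
        hosts = MX.get(arg or domain, [])
        return any(str(ip) in A.get(h, []) for h in hosts)
    raise ValueError(f"unsupported mechanism: {mech}")


def check_host(client_ip, mail_from):
    """Evaluate the SPF record of the envelope sender's domain, left to right."""
    domain = mail_from.rsplit("@", 1)[1].lower()
    record = TXT.get(domain)
    if not record or record.split()[0].lower() != "v=spf1":
        return "none"  # the domain publishes no SPF policy
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        qualifier = term[0] if term[0] in RESULTS else "+"
        mech, _, arg = term.lstrip("+-~?").partition(":")
        if matches(mech, arg, domain, ip):
            return RESULTS[qualifier]  # first matching mechanism decides
    return "neutral"  # no mechanism matched
```
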