Mailing List Archive

Hi !!

> I have read up about SPF and I have a concern with eBay messages. I know
> that eBay forges the headers to show that the sender is the from address.
> I also know that once SPF goes full Deny, how will eBay be able to send
> these messages again?

without any problem, eBayonly forges the headers, not the envelope sender
which is what spf tests.

--
Best regards ...

Discoveries are made by not following instructions.

----------------------------------------------------------------
David Saez Padros http://www.ols.es
On-Line Services 2000 S.L. e-mail david@ols.es
Pintor Vayreda 1 telf +34 902 50 29 75
08184 Palau-Solita i Plegamans movil +34 670 35 27 53
----------------------------------------------------------------

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname@©#«Mo\¯HÝÜîU;±¤Ö¤Íµøˆ¡

On Mon, Oct 06, 2003 at 08:43:04AM +0200, David Saez wrote:
> Hi !!
>
> > I have read up about SPF and I have a concern with eBay messages. I know
> > that eBay forges the headers to show that the sender is the from address.
> > I also know that once SPF goes full Deny, how will eBay be able to send
> > these messages again?
>
> without any problem, eBayonly forges the headers, not the envelope sender
> which is what spf tests.

Are you sure about that? I saw a SPF-based failure on Sep 29th.
2003-09-29 11:11:06 1A42UC-0008Sj-JE H=mxpool07.ebay.com (mx13.sjc.ebay.com) [66.135.197.13] F=<email@address.com> rejected after DATA: Not authorized by SPF
(I changed the email address for privacy reasons).

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname@©#«Mo\¯HÝÜîU;±¤Ö¤Íµøˆ¡

In <3F810EF8.9EEF887D@ols.es> David Saez <david@ols.es> writes:

> Hi !!
>
>> I have read up about SPF and I have a concern with eBay messages. I know
>> that eBay forges the headers to show that the sender is the from address.
>> I also know that once SPF goes full Deny, how will eBay be able to send
>> these messages again?
>
> without any problem, eBayonly forges the headers, not the envelope sender
> which is what spf tests.

The same thing applies to mailing lists, such as this one.

I wish it really wouldn't be "without any problem", but,
unfortunately, there are a lot of broken mailing lists software out
there along with a huge number of broken MTAs that don't report the
envelope from to the end user so that the user can detect when it is
wrong. The fundemental problem with all systems that tighten up
requirements is that it exposes systems that are broken.


-wayne

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname@©#«Mo\¯HÝÜîU;±¤Ö¤Íµøˆ¡

Hi !!

> > > I have read up about SPF and I have a concern with eBay messages. I know
> > > that eBay forges the headers to show that the sender is the from address.
> > > I also know that once SPF goes full Deny, how will eBay be able to send
> > > these messages again?
> >
> > without any problem, eBayonly forges the headers, not the envelope sender
> > which is what spf tests.
>
> Are you sure about that? I saw a SPF-based failure on Sep 29th.
> 2003-09-29 11:11:06 1A42UC-0008Sj-JE H=mxpool07.ebay.com (mx13.sjc.ebay.com) [66.135.197.13] F=<email@address.com> rejected after DATA: Not authorized by SPF
> (I changed the email address for privacy reasons).

well, I really don't know what eBay is doing but all mailing list software I
know uses as the envelope sender the mailing list address or some kind of verp
that belong to the same domain as the mailing list.

--
Best regards ...

Discoveries are made by not following instructions.

----------------------------------------------------------------
David Saez Padros http://www.ols.es
On-Line Services 2000 S.L. e-mail david@ols.es
Pintor Vayreda 1 telf +34 902 50 29 75
08184 Palau-Solita i Plegamans movil +34 670 35 27 53
----------------------------------------------------------------

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname@©#«Mo\¯HÝÜîU;±¤Ö¤Íµøˆ¡

eBay forges the From address. Here is a sample header I used to test with. This is pure forgery. Therefore, eBay will be broken after July 4th 2004 if they elect not to fix this issue.

Return-path: <auctions@cyberglobe.net>
X-Reverse-Lookup: by ms-rrdns (v0.6); Found 4 IPs: Good=3 Bad=0 Private=1
66.193.107.30 = 66-193-107-30.gen.twtelecom.net
66.193.107.95 = 66-193-107-95.gen.twtelecom.net
66.135.197.13 = mxpool07.ebay.com
10.6.61.30 = Private.Block[RFC-1918]
Received: from smtp30.newbytes.net (66-193-107-30.gen.twtelecom.net [66.193.107.30]) by cyberglobe.net
(Rockliffe SMTPRA 5.2.5) with ESMTP id <B0013031335@www.cyberglobe.net> for <auctions@cyberglobe.net>;
Sun, 5 Oct 2003 12:40:51 -0400
Received: from mx5.newbytes.net ([66.193.107.95])
by smtp30.newbytes.net with esmtp (SpamSlayer 3.0)
id 1A6BsP-000KsD-02
for auctions@cyberglobe.net; Sun, 05 Oct 2003 09:36:57 -0700
Received: from mxpool07.ebay.com ([66.135.197.13] helo=mx13.sjc.ebay.com)
by mx5.newbytes.net with esmtp (SpamSlayer 2.0)
id 1A6Bs3-0006EA-00
for auctions@cyberglobe.net; Sun, 05 Oct 2003 09:36:35 -0700
Received: from cellphone.sjc.ebay.com (cellphone.sjc.ebay.com [10.6.61.30])
by mx13.sjc.ebay.com (8.12.3/8.12.3) with SMTP id h95GaP01012220
for <auctions@cyberglobe.net>; Sun, 5 Oct 2003 09:36:25 -0700
Message-Id: <200310051636.h95GaP01012220@mx13.sjc.ebay.com>
To: auctions@cyberglobe.net
From: auctions@cyberglobe.net
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Subject: Question from eBay Member
Date: Sun, 05 Oct 2003 09:36:25 PDT
X-SS-01: 66.135.197.13
X-SS-02: mxpool07.ebay.com
X-SS-03: mx13.sjc.ebay.com
X-SS-04: mxpool07.ebay.com ([66.135.197.13] helo=mx13.sjc.ebay.com)
X-SS-05: auctions@cyberglobe.net
X-SS-06:
X-SpamSlayer: 1210



Rudy K.


----- Original Message -----
From: "David Saez" <david@ols.es>
To: <spf-discuss@v2.listbox.com>
Sent: Monday, October 06, 2003 10:16 AM
Subject: Re: [spf-discuss] Concerns about SPF and ebay messages


> Hi !!
>
> > > > I have read up about SPF and I have a concern with eBay messages. I know
> > > > that eBay forges the headers to show that the sender is the from address.
> > > > I also know that once SPF goes full Deny, how will eBay be able to send
> > > > these messages again?
> > >
> > > without any problem, eBayonly forges the headers, not the envelope sender
> > > which is what spf tests.
> >
> > Are you sure about that? I saw a SPF-based failure on Sep 29th.
> > 2003-09-29 11:11:06 1A42UC-0008Sj-JE H=mxpool07.ebay.com (mx13.sjc.ebay.com) [66.135.197.13] F=<email@address.com> rejected after DATA: Not authorized by SPF
> > (I changed the email address for privacy reasons).
>
> well, I really don't know what eBay is doing but all mailing list software I
> know uses as the envelope sender the mailing list address or some kind of verp
> that belong to the same domain as the mailing list.
>
> --
> Best regards ...
>
> Discoveries are made by not following instructions.
>
> ----------------------------------------------------------------
> David Saez Padros http://www.ols.es
> On-Line Services 2000 S.L. e-mail david@ols.es
> Pintor Vayreda 1 telf +34 902 50 29 75
> 08184 Palau-Solita i Plegamans movil +34 670 35 27 53
> ----------------------------------------------------------------
>
> -------
> Sender Permitted From: http://spf.pobox.com/
> Archives at http://archives.listbox.com/spf-discuss/current/
> To unsubscribe, change your address, or temporarily deactivate your subscription,
> please go to http://v2.listbox.com/member/?listname@½§Åv¼ð¦çš2b¥yÈbox.com
>

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname@½§Åv¼ð¦¾Øß´ëù1Ií-»Fqx.com

On Mon, Oct 06, 2003 at 10:55:12AM -0400, RKML wrote:
| eBay forges the From address. Here is a sample header I used to test with. This is pure forgery. Therefore, eBay will be broken after July 4th 2004 if they elect not to fix this issue.

they will have to do some kind of sender rewriting.

besides, there are already many MTAs that will reject mail that purports
to be the local domain, if the mail is coming from outside. this is
broken, yes, but it shows how desperate people are.

this sort of thing may break sooner than july 4th since that's only a
recommended softdeny->deny date; it's up to cyberglobe.net to announce
SPF policy.

| Return-path: <auctions@cyberglobe.net>
| X-Reverse-Lookup: by ms-rrdns (v0.6); Found 4 IPs: Good=3 Bad=0 Private=1
| 66.193.107.30 = 66-193-107-30.gen.twtelecom.net
| 66.193.107.95 = 66-193-107-95.gen.twtelecom.net
| 66.135.197.13 = mxpool07.ebay.com
| 10.6.61.30 = Private.Block[RFC-1918]
| Received: from smtp30.newbytes.net (66-193-107-30.gen.twtelecom.net [66.193.107.30]) by cyberglobe.net
| (Rockliffe SMTPRA 5.2.5) with ESMTP id <B0013031335@www.cyberglobe.net> for <auctions@cyberglobe.net>;
| Sun, 5 Oct 2003 12:40:51 -0400
| Received: from mx5.newbytes.net ([66.193.107.95])
| by smtp30.newbytes.net with esmtp (SpamSlayer 3.0)
| id 1A6BsP-000KsD-02
| for auctions@cyberglobe.net; Sun, 05 Oct 2003 09:36:57 -0700
| Received: from mxpool07.ebay.com ([66.135.197.13] helo=mx13.sjc.ebay.com)
| by mx5.newbytes.net with esmtp (SpamSlayer 2.0)
| id 1A6Bs3-0006EA-00
| for auctions@cyberglobe.net; Sun, 05 Oct 2003 09:36:35 -0700
| Received: from cellphone.sjc.ebay.com (cellphone.sjc.ebay.com [10.6.61.30])
| by mx13.sjc.ebay.com (8.12.3/8.12.3) with SMTP id h95GaP01012220
| for <auctions@cyberglobe.net>; Sun, 5 Oct 2003 09:36:25 -0700
| Message-Id: <200310051636.h95GaP01012220@mx13.sjc.ebay.com>
| To: auctions@cyberglobe.net
| From: auctions@cyberglobe.net

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname@©#«Mo\¯HÝÜîU;±¤Ö¤Íµøˆ¡