Mailing List Archive

It's the return path. For most this will be the same as from.

Scott Kitterman

> -----Original Message-----
> From: owner-spf-help@v2.listbox.com
> [mailto:owner-spf-help@v2.listbox.com]On Behalf Of Alan Fendrick
> Sent: Tuesday, October 05, 2004 11:14 AM
> To: spf-help@v2.listbox.com
> Subject: [spf-help] Setting up SPF
>
>
> What is the domain that is checked - is it the "from" or the
> "reply to" - or is it required that these be the same for SPF.
>
> Alan Fendrick
> www.launchfax.com
> 732-450-3688 x201
> 732-559-9001 (fax)
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily deactivate
> your subscription,
> please go to
http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

When you send mail the initial public IP is in the header. I understand
that is what is SPF'ed to match the Reply-To.



-----Original Message-----
From: owner-spf-help@v2.listbox.com
[mailto:owner-spf-help@v2.listbox.com] On Behalf Of Alan Fendrick
Sent: Tuesday, October 05, 2004 11:14 AM
To: spf-help@v2.listbox.com
Subject: [spf-help] Setting up SPF

What is the domain that is checked - is it the "from" or the "reply to"
- or is it required that these be the same for SPF.

Alan Fendrick
www.launchfax.com
732-450-3688 x201
732-559-9001 (fax)

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your
subscription, please go to
http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com


--------------------------------------------------------------------------------
This email is intended only for the named recipents. All email is monitored and archived for compliance requirements.
The views or context in this message may not reflect the view or context of the company.
--------------------------------------------------------------------------------



-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

no, it is the "return-path" header
it may be different from the reply-to header
which is not necessary while sending an email

Yannick

----- Original Message -----
From: "Benjamin Zachary" <bzachary@networthco.com>
To: <spf-help@v2.listbox.com>
Sent: Tuesday, October 05, 2004 8:54 PM
Subject: RE: [spf-help] Setting up SPF


When you send mail the initial public IP is in the header. I understand
that is what is SPF'ed to match the Reply-To.



-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

On Tue, Oct 05, 2004 at 02:54:21PM -0400,
Benjamin Zachary <bzachary@networthco.com> wrote
a message of 39 lines which said:

> When you send mail the initial public IP is in the header.

Not at all.

> I understand that is what is SPF'ed to match the Reply-To.

Not at all.

Please, could you learn SPF before replying to newbies on spf-help?

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Please read the drafts / documentation no spf.pobox.com
(/mechanisms.html, /faq.html, etc..)

spf is meant for the mta, which knows from it's connection which ip it
is that is connected. The spf record of the MAIL FROM: (return path)
domain is looked up and compared against this IP. Checking of spf
against ip's you recover from headers is bad advice.

Reply-To is nowhere in the spf spec, has nothing to do with spf..

Koen

On Tue, Oct 05, 2004 at 02:54:21PM -0400, Benjamin Zachary wrote:
> When you send mail the initial public IP is in the header. I understand
> that is what is SPF'ed to match the Reply-To.
>
>
>
> -----Original Message-----
> From: owner-spf-help@v2.listbox.com
> [mailto:owner-spf-help@v2.listbox.com] On Behalf Of Alan Fendrick
> Sent: Tuesday, October 05, 2004 11:14 AM
> To: spf-help@v2.listbox.com
> Subject: [spf-help] Setting up SPF
>
> What is the domain that is checked - is it the "from" or the "reply to"
> - or is it required that these be the same for SPF.
>
> Alan Fendrick
> www.launchfax.com
> 732-450-3688 x201
> 732-559-9001 (fax)
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily deactivate your
> subscription, please go to
> http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
>
>
> --------------------------------------------------------------------------------
> This email is intended only for the named recipents. All email is monitored and archived for compliance requirements.
> The views or context in this message may not reflect the view or context of the company.
> --------------------------------------------------------------------------------
>
>
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily deactivate your subscription,
> please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

I have edited our records to show the following
v=spf1 a mx include:digitalky.com ~all
when this is active mail from our local domain is rejected

any help would be great as I am new to spf

**********************************
Bill Curd - KC6KFQ
Network Operations Administrator
Nextel Authorized Representative
Motorola Canopy Wireless Provider
http://www.digitalky.com
Ph 270-230-1000
Voip 270-872-4263
*****************************************

------------------------------------------
Certified Virus Free - digitalky.com
Scanned by Vircom Modus Mail 4
------------------------------------------

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

On Sun, Oct 17, 2004 at 09:44:41AM -0500,
Bill Curd <bcurd@digitalky.com> wrote
a message of 20 lines which said:

> I have edited our records to show the following v=spf1 a mx
> include:digitalky.com ~all

Which means there is an infinite recursion (digitalky.com incldues the
record of digitalky.com and so on). This is probably your problem.

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Hi,

You have a bit of a problem here. The only way to make this work is to
set up SPF records so that you are allowed to send mail from your two
isp's is to include a overly permissive set of servers in your SPF
record.

It depends a bit here: are you using the ISP's smtp servers as relay or
are you sending directly from your dial-in account? If the former is the
case, you need to get the ip's for those smtp servers, which you should
ask you ISP to provide (there are ways to find out for yourself, if the
ISP is unwilling to help, but in any case you need to keep the setup up
to date: if the ISP changes something you need to follow). Setting it up
like so has a disadvantage: anyone who also uses the ISP's smtp's as
relay can still forge your domains.

If you send directly from your dial up account, you need to include the
IP's you get when you dial up. Probably this is allocated from a dynamic
ip range, which means you will have to include a large number of IP
addresses (like ip4:10.0.0.0/8), meaning again that any dial up customer
of your ISP can still forge your domain.

The best solution is for your domain hoster to provide an SMTP-AUTH
login on their servers, with protection from cross-customer forgery. Ask
your domain hoster if they provide such a server. If not, such a service
is in the making both for free (for small and private domain users) as
well as commercially. I expect to be offering such a service commerially
before the end of this year for example.

As a last note: do not use the wizard from microsoft, it is seriously
broken and does not help you setting up spf records, only pra records.
PRA is a technically flawed protocol.

Kind regards,

Koen Martens

On Fri, Nov 19, 2004 at 07:37:54PM -0800, Kaye Caldwell wrote:
> I have 2 domain names which are hosted at a third party. I send mail
> "from" those domains via my dial up account which is either ix.netcom.com
> or mindspring.com (both of which are now owned by earthlink), using
> Eudora's personality feature. I would like to set up my DNS records for
> the 2 domains to use SPF in the hopes that it will stop people from
> spoofing my addresses at the 2 domains and and using my return address to
> send spam. I have tried to use the MS sender ID wizard, but it does not
> seem to be set up for the hosted domain situation. I'm not sure I know
> enough yet to ask the right questions, but I think they are:
> 1) what IP address do I use as my out-going mail address and how do I find
> out what that IP address is? (I'm guessing that I use the one listed in
> the DNS infor for netcom.com, right? The SMTP server specified in my Eudora
> personality record for those domains is smtp.ix.netcom.com.)
> 2) What do I put in my DNS record, and HOW do I get it there?
> Any help appreciated!
>
> Thanks,
> Kaye
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily deactivate your
> subscription, please go to
> http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Kaye Caldwell wrote:

> 1) what IP address do I use as my out-going mail address and
> how do I find out what that IP address is?

Your talking about two domains and two mail providers. For a
first experiment send mails from the 1st domain via your 1st
provider to the 2nd domain, and from the 2nd domain via your
2nd provider to the 1st domain.

Then analyze the mail headers (only the "Received:" lines are
relevant), compare it with ordinary mails from somebody else.

The top Received: headers will be similar => stuff happening
at the receiving side. But one line (top down) is different,
you see the same ... by receiver as always, with a different
part Received: from name.at.your.ISP.example ([1.2.3.4]) by ...

That's it, note the name and the IP. Same procedure with your
other provider. If it's very obvious (e.g. the name is what
you have configured in your mail program for outgoing mail),
then note "v=spf1 a:name.at.your.ISP.example ?all" for this
ISP. Add a:name.at.other.ISP.example (only if it's obvious).

If it's not obvious ask again. Ideally your ISPs already have
sender policies, and you can include it:

"v=spf1 include:1st.ISP.example include:2nd.ISP.example ?all".

But maybe that's not the case for EL. You can test it with one
of the tools on <http://spf-help.net>, or just go directly to
<http://vweb.nass.com.au/cgi-bin/dnslookup> and test your ISPs.

If they don't have a sender policy you're forced to guess one,
that's the example with a: (see above), but it's not always
obvious. They could have more than one box actually sending
mail, and it's not necessarily the box configured in your mail
program. And one experiment won't show you more than one box.

> 2) What do I put in my DNS record, and HOW do I get it there?

If you have no idea test "v=spf1 ?all" (that's a dummy, it has
the same effect as no policy at all, or at least that's the
theory). How you get it there depends on your domain hoster,
or rather on the nameserver for your domains. I'd know where
to find it for DynDNS, but that's probably irrelevant for you.

Bye, Frank


-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Thanks. The "nameserver for my domains" -- is that the company that I
registered my domains through (Network Solutions)?

This is all seeming pretty complicated - and I used to write software so
it's not like I'm completely clueless. How is the average
semi-computer-literate small business person using hosted domains going to
wade through all this? Surely there are a large number of them -- and how
well will this technology work if it's not adopted pretty universally?

- Kaye

At 03:28 AM 11/20/04, Frank Ellermann wrote:
> > 2) What do I put in my DNS record, and HOW do I get it there?
>
>If you have no idea test "v=spf1 ?all" (that's a dummy, it has
>the same effect as no policy at all, or at least that's the
>theory). How you get it there depends on your domain hoster,
>or rather on the nameserver for your domains. I'd know where
>to find it for DynDNS, but that's probably irrelevant for you.

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

On Sat, Nov 20, 2004 at 07:14:45AM -0800,
Kaye Caldwell <kaye@ix.netcom.com> wrote
a message of 25 lines which said:

> This is all seeming pretty complicated

Managing a mail server in today's Internet is complicated. It used to
be simpler.

> How is the average semi-computer-literate small business person
> using hosted domains going to wade through all this?

Because otherwise, he will not be able to send email. Today, you have
to make your email server compliant with the wishes of AOL
(http://postmaster.aol.com/), of Hotmail, of Earthlink, etc. In the
future, I hope it will be enough to be compliant with one standard but
sending email will nevertheless be more complicated than it was ten
years ago.

Now, for your specific example, it seems reasonable to assume that an
ISP will do it for him.

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Kaye Caldwell wrote:

> This is all seeming pretty complicated

Only if you try to explain it, not if you just do it ;-)

Okay, I can "read" mail headers, if that's a problem
you can use spamcop.net to analyze your "test mails",
or post it here (only the Received: lines) and we'll
find the relevant IP resp. host name.

> How is the average semi-computer-literate small business
> person using hosted domains going to wade through all this?

The average semi-literate like me is forced to learn
this stuff when he wants to fight spam and other mail
abuses.

The first time somebody forged my address was 2001 IIRC,
and the support team of my former ISP somehow convinced
me that neither the UN nor the police can help me with
this "crime". I guess that I was a bit excited, maybe.

> how well will this technology work if it's not
> adopted pretty universally?

It's a self-fulfilling prophecy. Spammers don't care
how much of their forgeries reach their audience, but
they really hate it if _nothing_ gets through at some
big ISP with clueless masses like say AOL.

Therefore they'll stop to forge your addresses if they
find that that's rejected by all receivers implementing
SPF (*). It's not necessary to adopt SPF universally.

Bye, Frank

*: in practice that can take some time, some spammers
are not very bright. Some are really stupid, they
buy huge lists with "fresh opt-in addresses", and
then send spam to my Message-IDs 3?????.????@xyzzy -
the stuff with 3?????.???? was created more than two
years ago and harvested in an e-mail abuse newsgroup.


-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

What do you do when they "forge" the address into Yahoo and
you can't get your own mail?
Regards.


----- Original Message -----
From: "Frank Ellermann" <nobody@xyzzy.claranet.de>
To: <spf-help@v2.listbox.com>
Sent: Tuesday, November 23, 2004 5:57 PM
Subject: [spf-help] Re: Setting up SPF


> Kaye Caldwell wrote:
>
> > This is all seeming pretty complicated
>
> Only if you try to explain it, not if you just do it ;-)
>
> Okay, I can "read" mail headers, if that's a problem
> you can use spamcop.net to analyze your "test mails",
> or post it here (only the Received: lines) and we'll
> find the relevant IP resp. host name.
>
> > How is the average semi-computer-literate small business
> > person using hosted domains going to wade through all
this?
>


-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

jwwright wrote:

> What do you do when they "forge" the address into Yahoo
> and you can't get your own mail?

What are you talking about, a spam MAIL FROM:<user@yahoo> ?
Yahoo has no sender policy, SPF won't help you in this case.

It also won't hurt you, when is it that you don't get your
own mail ?
Bye, Frank


-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

My ISP recognizes an email from me using my ID.

My ISP has a SPF record, which authorizes only one
machine.

66.94.237.45, a Yahoo machine, has no right to claim to be
my ISP
I would say that SPF worked perfectly well at my ISP.

But the Yahoo setup allows a bulk mailer to assume my
identity and mail to other users so I have to talk with
Yahoo PEOPLE. Fixing the problem is a job for their mail
administrator, not
for the mail user (my ISP).

BUT I CAN'T TALK TO YAHOO!!!!!! They are dumbaxxes. They
don't know they are being ATTACKED!

Problem:
Yahoo's groups send emails to their users. If the user is
blocked by SPF, then the bulk mailer is killing off his own
resource and blocking my receipt of emails from my group to
me. In addition, yahoo won't accept an email from my ISP to
the group now, so I have to logon and read the group going
thru yahoo which loads down their system.
I have to create a new email address at yahoo to send and
receive emails and that makes the whole process last hours.

Great system you have! The bulk mailers will soon learn
they're not reaching anyone and figure our how to fix it, if
anyone does.
The only thing I can do is get a new ISP.

Regards.


----- Original Message -----
From: "Frank Ellermann" <nobody@xyzzy.claranet.de>
To: <spf-help@v2.listbox.com>
Sent: Tuesday, November 23, 2004 10:34 PM
Subject: [spf-help] Re: Setting up SPF


> jwwright wrote:
>
> > What do you do when they "forge" the address into Yahoo
> > and you can't get your own mail?
>
> What are you talking about, a spam MAIL FROM:<user@yahoo>
?
> Yahoo has no sender policy, SPF won't help you in this
case.
>
> It also won't hurt you, when is it that you don't get your
> own mail ?
> Bye, Frank
>
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily
deactivate your subscription,
> please go to
http://v2.listbox.com/member/?listname=spf-help@v2.listbox.c
om


-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

On Wed, Nov 24, 2004 at 03:38:57AM -0600, jwwright wrote:
> My ISP recognizes an email from me using my ID.
>
> My ISP has a SPF record, which authorizes only one
> machine.
>
> 66.94.237.45, a Yahoo machine, has no right to claim to be
> my ISP
> I would say that SPF worked perfectly well at my ISP.

66.94.237.45 is not claiming anything, apparently your ISP is claiming
something that is untrue. Seems you have an issue with your ISP.

> But the Yahoo setup allows a bulk mailer to assume my
> identity and mail to other users so I have to talk with
> Yahoo PEOPLE. Fixing the problem is a job for their mail
> administrator, not
> for the mail user (my ISP).

If you protect your domain with spf, yahoo can not assume your identity.
That's the whole point of spf: controlling who may assume your identity.

> Great system you have! The bulk mailers will soon learn
> they're not reaching anyone and figure our how to fix it, if
> anyone does.
> The only thing I can do is get a new ISP.

Try to understand the system before writing it off.

You could publish proper SPF records for your domain, or take them down
entirely. Both will ensure that spf wll not get in your way. If your ISP
is applying spf records without you having any influence in it, yes you
definately need a new ISP that is more into helping customers.

Koen

--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

You and yahoo don't understand the problem. I and my ISP
can't fix the problem.
it has to be yahoo. My users are switching ISP's to get
around it, or just not doing the email option in the group.
I don't know how else to explain it since it's not my
computer and not my ISP. I CAN ACTUALLY TALK TO MY SYSTEM
ADMINISTRATOR ON THE TELEPHONE.

Are you real person? (seriously)

Regards.

----- Original Message -----
From: "Koen Martens" <spf@metro.cx>
To: <spf-help@v2.listbox.com>
Sent: Wednesday, November 24, 2004 3:52 AM
Subject: Re: [spf-help] Re: Setting up SPF


>
>
> On Wed, Nov 24, 2004 at 03:38:57AM -0600, jwwright wrote:
> > My ISP recognizes an email from me using my ID.
> >
> > My ISP has a SPF record, which authorizes only one
> > machine.
> >
> > 66.94.237.45, a Yahoo machine, has no right to claim to
be
> > my ISP
> > I would say that SPF worked perfectly well at my ISP.
>
> 66.94.237.45 is not claiming anything, apparently your ISP
is claiming
> something that is untrue. Seems you have an issue with
your ISP.
>
> > But the Yahoo setup allows a bulk mailer to assume my
> > identity and mail to other users so I have to talk with
> > Yahoo PEOPLE. Fixing the problem is a job for their mail
> > administrator, not
> > for the mail user (my ISP).
>
> If you protect your domain with spf, yahoo can not assume
your identity.
> That's the whole point of spf: controlling who may assume
your identity.
>
> > Great system you have! The bulk mailers will soon learn
> > they're not reaching anyone and figure our how to fix
it, if
> > anyone does.
> > The only thing I can do is get a new ISP.
>
> Try to understand the system before writing it off.
>
> You could publish proper SPF records for your domain, or
take them down
> entirely. Both will ensure that spf wll not get in your
way. If your ISP
> is applying spf records without you having any influence
in it, yes you
> definately need a new ISP that is more into helping
customers.
>
> Koen
>


-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

On Wed, Nov 24, 2004 at 04:03:53AM -0600,
jwwright <jwwright@eastex.net> wrote
a message of 74 lines which said:

> You and yahoo don't understand the problem. I and my ISP can't fix
> the problem. it has to be yahoo.

I agree. Why don't you talk to Yahoo?

> not my computer and not my ISP.

But it is your mailing list (the one hosted at Yahoo) that seems to be
broken (sending mail from yahoo but pretending to be from Eastex).

> Are you real person? (seriously)

Koen is real and, while I agree that he did not understand the
problem, he has a good reason: your messages are extremely confused,
with bad quoting and contradictions.


-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Of course I am confused. I am an email user not an
administrator.
But tell me HOW do I TALK to Yahoo? I've had this problem
since yesterday noon. My ISP's been using SPF for 2 months.
HOW will yahoo know they're being attacked?

Regards.

----- Original Message -----
From: "Stephane Bortzmeyer" <bortzmeyer@nic.fr>
To: "jwwright" <jwwright@eastex.net>
Cc: <spf-help@v2.listbox.com>
Sent: Wednesday, November 24, 2004 4:12 AM
Subject: [spf-help] Re: Setting up SPF


> On Wed, Nov 24, 2004 at 04:03:53AM -0600,
> jwwright <jwwright@eastex.net> wrote
> a message of 74 lines which said:
>
> > You and yahoo don't understand the problem. I and my ISP
can't fix
> > the problem. it has to be yahoo.
>
> I agree. Why don't you talk to Yahoo?
>
> > not my computer and not my ISP.
>
> But it is your mailing list (the one hosted at Yahoo) that
seems to be
> broken (sending mail from yahoo but pretending to be from
Eastex).
>
> > Are you real person? (seriously)
>
> Koen is real and, while I agree that he did not understand
the
> problem, he has a good reason: your messages are extremely
confused,
> with bad quoting and contradictions.
>
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily
deactivate your subscription,
> please go to
http://v2.listbox.com/member/?listname=spf-help@v2.listbox.c
om


-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

On Wed, Nov 24, 2004 at 04:26:37AM -0600,
jwwright <jwwright@eastex.net> wrote
a message of 57 lines which said:

> Of course I am confused. I am an email user not an administrator.

BTW, SPF people can have more details at the Help Center, ticket #129.

> But tell me HOW do I TALK to Yahoo?

It is your provider (they host your mailing list), not mine.

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

It isn't clear to me from the information you have posted so far that your
problem has anything to do with SPF. I do not believe that Yahoo checks
SPF, so if Yahoo isn't accepting your mail, it may be something else.

Would you please post the entire message you received from Yahoo with the
header? That would help us understand what's going on.

Scott Kitterman
>-----Original Message-----
>From: owner-spf-help@v2.listbox.com
>[mailto:owner-spf-help@v2.listbox.com]On Behalf Of jwwright
>Sent: Wednesday, November 24, 2004 5:27 AM
>To: spf-help@v2.listbox.com
>Subject: Re: [spf-help] Re: Setting up SPF
>
>
>Of course I am confused. I am an email user not an
>administrator.
>But tell me HOW do I TALK to Yahoo? I've had this problem
>since yesterday noon. My ISP's been using SPF for 2 months.
>HOW will yahoo know they're being attacked?
>
>Regards.
>

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

>-----Original Message-----
>From: owner-spf-help@v2.listbox.com
>[mailto:owner-spf-help@v2.listbox.com]On Behalf Of Bryan Knight
>Sent: Wednesday, November 24, 2004 11:07 AM
>To: spf-help@v2.listbox.com
>Subject: RE: [SPAM] - Re: [spf-help] Re: Setting up SPF - Found word(s)
>receipt of emails in the Text body
>
>
>Yahoo groups is a list serve. I am on more than a few and own a bunch.
>The group sends via a from address that is yahoo. IE
>SPFisCoolGroup@yahoogroups.com ... Since SPF is checking the sending
>only, and argueably yahoo allows its list serve to send OR has no policy
>at all on the groups, than it cannot block your email at all...
>
Yes, they do a form of return path rewriting. Here is the return path for a
message I got from one of the groups I subscribe to:

Return-Path:
<sentto-479767-3266-1101311971-unison=kitterman.com@returns.groups.yahoo.com
>

Since yahoogroups.com does not publish an SPF policy, SPF checking should
not affect these messages. Since Yahoo Groups does not change the From:
(normal for a mail list), if some is incorrectly using SPF records to check
From:, then that would cause a failure. Some sort of misonfigured SPF check
seems to be the likely culprit.

If the original poster could publish the rejection message (with headers),
we could probably tell where the problem was.

Scott Kitterman

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

jwwright wrote:

> My ISP has a SPF record, which authorizes only one machine.

That's good, spammers trying to forge your address have now
a serious problem, and you get less bogus bounces and other
crap.

> 66.94.237.45, a Yahoo machine, has no right to claim to be
> my ISP

> I would say that SPF worked perfectly well at my ISP.

Yes. Yahoo also has no right to forge your address.

> But the Yahoo setup allows a bulk mailer to assume my
> identity and mail to other users so I have to talk with
> Yahoo PEOPLE.

That's a problem, because abuse@yahoogroups.com is a PITA.
If you're unhappy with their answers forward it with the
evidence to mail-abuse AT yahoo-inc.com

But I still don't get your problem. In my case a stupid
spammer forged my address (fake@xyzzy) and did "something"
with yahoogroups - I'm not sure what, but I got all the
bogus confirmation requests etc.

I've reported this to abuse@yahoogroups each and every
time for about two weeks (before I had simply deleted all
mails with "yahoogroups" anywhere in the headers).

If it was a bogus subscription they often said that they
handled it. Otherwise they often played dumb, and then
I forwarded it to mail-abuse AT yahoo-inc.com

In one case I got a questionnaire about how the problem
was handled, and let's say I answered it honestly. Some
days later "my" spammer stopped to abuse my addresses -
after six months (resp. 5 months with SPF on my side).

No more crap from Yahoo, no more bounces, out of office,
challenges, back to the happy days of 2003, when I could
forward all my spam without manual checking to SpamCop.

Good luck with Yahoo, Frank


-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

>-----Original Message-----
>From: owner-spf-help@v2.listbox.com
>[mailto:owner-spf-help@v2.listbox.com]On Behalf Of ricknorris@alltel.net
>Sent: Tuesday, June 14, 2005 4:10 PM
>To: spf-help@v2.listbox.com
>Subject: [spf-help] Setting up SPF
>
>
>Hello,
>
>I am at a loss here. Where do I put the text file? Is it on a
>server I have internally, or on a server with our ISP.
>
>Also, we have a 1 mail server that sends out 5 different e-mail
>domains. ie. mail1.com, mail2.com, mail3.com .... they all send
>from one machine and we have one mx record. This is due to the
>company having 5 different business groups. So each employee has
>2 or 3 different e-mail addresses pertaining to their function and
>business unit.
>
>How would this look in the TXT file?
>
>I was thinking "v=spf1 a mx ptr ~all"
>
>Does that sound right?
>
>Thanks.

It goes in your DNS zone file. Please give us an example of one of the
domains that you plan on publishing for and we can help you figure out how
to do that.

Scott Kitterman