Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. SPF>
  3. Help
SPF policy for rawbits.com
bwalton at rawbits
Jul 29, 2008, 7:53 AM
Post #1 of 5 (3455 views)
Permalink
I receive email with headers like these often:

>Return-Path: <bwalton@kpmg.com>
>Received: from exprod8mx263.postini.com [64.18.3.55] by
>ms44.ihwy.com with SMTP;
> Tue, 29 Jul 2008 00:38:56 -0700
>Received: from source ([89.235.141.69]) by exprod8mx263.postini.com
>([64.18.7.10]) with SMTP;
> Tue, 29 Jul 2008 00:38:55 PDT
>Content-Return: allowed
>X-Mailer: CME-V6.5.4.3; MSN
>Message-Id: <20080729143753.8765.qmail@w11>
>To: <bwalton@rawbits.com>
>Subject: Anjelina Jolie XXX Video Free.
>From: <bwalton@rawbits.com>
>MIME-Version: 1.0
>Content-Type: text/html; charset="UTF-8"
>Content-Transfer-Encoding: 7bit
>X-SmarterMail-Spam: Bayesian Filtering, SPF_None, ORDB

Question: If Postini is checking SPF, shouldn't they block these
messages as forgeries?

--
Bill Walton bwalton@rawbits.com (831)338-0479 home
PO Box 850 (408)721-4346 bus
Boulder Creek, CA 95006-0850 (831)345-7135 cell


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com
RE: SPF policy for rawbits.com [ In reply to ]
steve at teamITS
Jul 29, 2008, 8:11 AM
Post #2 of 5 (3318 views)
Permalink
Bill Walton wrote on 7/29/2008 9:53:11 AM:

> I receive email with headers like these often:
>
>> Return-Path: <bwalton@kpmg.com>

> Question: If Postini is checking SPF, shouldn't they block these
> messages as forgeries?

Kpmg.com doesn't have an SPF record.

-----
SPF FAQ: http://www.openspf.org/FAQ
Common mistakes: http://www.openspf.org/FAQ/Common_mistakes

- Steve Yates
- ITS, Inc.
- Out of my way! I smell chocolate!

~ Taglines by Taglinator - www.srtware.com ~


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com
RE: SPF policy for rawbits.com [ In reply to ]
bwalton at rawbits
Jul 30, 2008, 5:59 AM
Post #3 of 5 (3311 views)
Permalink
At 08:11 AM 7/29/2008, you wrote:
> > I receive email with headers like these often:
> >
> >> Return-Path: <bwalton@kpmg.com>
>
> > Question: If Postini is checking SPF, shouldn't they block these
> > messages as forgeries?
>
> Kpmg.com doesn't have an SPF record.

OK - so it's the Return-Path that's checked, not the From, even
though all three mail clients I use show the message as coming from
bwalton@rawbits.com?


--
Bill Walton bwalton@rawbits.com (831)338-0479 home
PO Box 850 (408)721-4346 bus
Boulder Creek, CA 95006-0850 (831)345-7135 cell


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com
RE: SPF policy for rawbits.com [ In reply to ]
steve at teamITS
Jul 30, 2008, 7:05 AM
Post #4 of 5 (3316 views)
Permalink
> OK - so it's the Return-Path that's checked, not the From

Yes.

http://www.openspf.org/FAQ/Envelope_from_scope


-----
SPF FAQ: http://www.openspf.org/FAQ
Common mistakes: http://www.openspf.org/FAQ/Common_mistakes

- Steve Yates
- ITS, Inc.
- Sci-Fi Survival Tip: Kids love dinosaurs; unfortunately dinosaurs
love kids too.

~ Taglines by Taglinator - www.srtware.com ~


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com
Re: SPF policy for rawbits.com [ In reply to ]
hmdmhdfmhdjmzdtjmzdtzktdkztdjz at gmail
Jul 30, 2008, 8:37 AM
Post #5 of 5 (3298 views)
Permalink
Bill Walton wrote:

> OK - so it's the Return-Path that's checked, not the From

Yep.

The return-path is the critical piece wrt auto-responders
(vacation mail, bounces, etc.). It is where "backscatter"
is sent to.

> all three mail clients I use show the message as coming
> from bwalton@rawbits.com

A (slightly) different problem, it is related to phishing,
if spammers have reasons to abuse your address in phishes.

SPF is not designed to help with phishing, for that you'd
check out "DKIM ADSP" and/or "SenderID PRA". The latter
is also known as "spf2.0/pra". Folks here agree that PRA
doesn't really work as expected. Your mail client might
still show what it shows today, even if the phisher used
another address as Resent-From to get a PRA PASS of their
choice.

No silver bullets, sorry. Limited to backscatter issues
v=spf1 (PASS or FAIL) does help.

Frank



-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal