Date: Wed, 19 Apr 2006 01:07:07 +1000
From: Sean Winn
To: Edwin Groothuis
Cc: aussie-isp, aussie-isp
Message-Id: <000001c662f9$c3021470$2522630a@t22>
In-Reply-To: <20060418105458.GA1102@k7.mavetju>
Subject: RE: [Oz-ISP] SPF Records
Followups:

<20060418230605.GB12751@taz.net.au>
<20060419010622.GA69277@squash.dsto.defence.gov.au>


m a j o r d o m o - o w n e r @ k o a l a . a u s s i e . n e t wrote:
> On Tue, Apr 18, 2006 at 08:03:14PM +1000, Sean Winn wrote:
>> m a j o r d o m o - o w n e r @ k o a l a . a u s s i e . n e t wrote:
>> ip4:152.163.225.0/24 ip4:205.188.139.0/24 ip4:205.188.144.0/24
>> ip4:205.188.156.0/23 ip4:205.188.159.0/24 ip4:64.12.136.0/23
>> ip4:64.12.138.0/24 ptr:mx.aol.com ?all"
>> aol.com.                300     IN      TXT     "spf2.0/pra
>> ip4:152.163.225.0/24 ip4:205.188.139.0/24 ip4:205.188.144.0/24
>> ip4:205.188.156.0/23 ip4:205.188.159.0/24 ip4:64.12.136.0/23
>> ip4:64.12.138.0/24 ptr:mx.aol.com ?all"
>>
>> Same for gmail.com; yahoo.com doesn't even have SPF. Hotmail is
>> slightly different... ~all as a soft fail instead.
>>
>> Value of SPF? Very little except for being feel-good about forged
>> email. Spammers can use SPF as well, with throw-away domains, and
>> probably do.
>
> SPF isn't an anti-spammer tool, it's an anti-forgery tool. I don't
> care if spammers use their own throw-away domains for it. I do care
> if spammers/viruses use my address as the sender address.
>

Certainly is. But if it's not definitive, what's its value?

> The above examples give a good idea of the fine-tuning SPF is capable
> of.
>
> -   With -all, it says: "These ip addresses, that are our outgoing
>     SMTP servers. Don't trust anything else".
>
> -   With ~all, it says: "These ip addresses, that are our outgoing
>     SMTP servers. I wouldn't trust anything else if I were you, but
>     it is possible."
>
> -   With ?all, it says: "These ip addresses, that are our outgoing
>     SMTP servers. But it can come from other places."
>

Only '-all' is definitive. And 4 major domains used for mail say they
can't be definitive. So they don't seem to place a high value on SPF for
themselves.


> For my domain (mavetju.org), it says -all. For the domains we host,
> it's -all. We offer our clients authentication SMTP delivery on a
> non standard SMTP port. There should be no reason for them not to use
> our mail servers.
>
> Edwin

That's obviously not the case elsewhere; so right now, SPF still has low
value overall, as '?all' or '~all' will be common. And that was the
question Jessica poses (mostly rhetorically; I was just replying with
big examples showing how little it has, regardless of what is done in
this country, or written into codes of practice).

That's not to say it has zero value - where it is being definitive it
can be taken advantage of.


----
email "unsubscribe aussie-isp" to m a j o r d o m o @ a u s s i e . n e t to be removed.
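
Added example, not part of the original posts: a simplified SPF evaluator showing what a receiver learns about a listed and an unlisted sending host under the three "all" qualifiers discussed in this thread. The sample records, the host name mx.example.com and the addresses are constructed (documentation ranges); mechanisms that need DNS lookups are skipped rather than resolved.

```python
import ipaddress

# SPF qualifier -> result name (RFC 7208); a mechanism with no prefix means "+".
RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

# Constructed sample records using documentation address ranges.
SAMPLES = {
    "-all": "v=spf1 ip4:192.0.2.0/24 -all",
    "~all": "v=spf1 ip4:192.0.2.0/24 ~all",
    "?all": "v=spf1 ip4:192.0.2.0/24 ptr:mx.example.com ?all",
}
LISTED = "192.0.2.10"      # inside the published range
UNLISTED = "198.51.100.7"  # a host the domain never listed


def evaluate_spf(record, client_ip):
    """Return the SPF result for client_ip using only ip4/ip6/all terms.

    Simplification: mechanisms that need DNS (a, mx, ptr, include, exists)
    and modifiers such as redirect= are skipped rather than resolved.
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"  # not an SPF version 1 record
    ip = ipaddress.ip_address(client_ip)
    for term in terms[1:]:
        qualifier = "+"
        if term[0] in RESULTS:
            qualifier, term = term[0], term[1:]
        name, _, value = term.partition(":")
        name = name.lower()
        if name == "all":
            return RESULTS[qualifier]
        if name in ("ip4", "ip6") and value:
            net = ipaddress.ip_network(value, strict=False)
            if ip.version == net.version and ip in net:
                return RESULTS[qualifier]
    return "neutral"  # nothing matched and no "all" term


def compare():
    """Map each sample policy to (result for LISTED, result for UNLISTED)."""
    return {k: (evaluate_spf(r, LISTED), evaluate_spf(r, UNLISTED))
            for k, r in SAMPLES.items()}


if __name__ == "__main__":
    for policy, (listed, unlisted) in compare().items():
        print(f"{policy}: listed sender -> {listed}, unlisted sender -> {unlisted}")
```

Only the "-all" record yields "fail" for the unlisted host; "~all" and "?all" yield "softfail" and "neutral", which leave the accept-or-reject decision to the receiver.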
