Re: recent spam to this list

[Riku Voipio <riku.voipio@iki.fi>]

On Sun, Oct 12, 2003 at 11:41:45PM +0200, Andreas Metzler wrote:
> Julian Mehnle <lists@mehnle.net> wrote:
> > Bernhard R. Link wrote:
> >> * Riku Voipio <riku.voipio@iki.fi> [031012 20:25]:
> >> > Second hint: If you insist on your right to forge your email address,
> >> > anyone else can forge your address as well. Is that a right you really
> >> > need?

> >> It's about to *use* an e-mail address, not about forging one...
 
> > It's about forging an e-mail sender's identity.  By preventing the
> > unauthorized use of domains as the sender domain of e-mails, most of
> > the practiced cases of identity forgery are prevented.
> [...]
 
> If I send an e-mail over mail.nusrf.at with envelope-from
> ametzler@logic.univie.ac.at I am _not_ forging anything or making
> "unauthorized use of domains"

Effectively you are claiming to send from ametzler@logic.univie.ac.at
while the truth is the real sender was xxx@nusrf.at - in this
case it just happens that the identity behind both is same.

The owners of logic.univie.ac.at are free setup any policy in SPF
they want. If they think that there is no reason to protect
unauthorisized use of their domain, they can choose to setup
and wildcard and allow any IP in the world to send mails using
logic.univie.ac.at domain.

What is your problem with that setup?

-- 
Riku Voipio  	       |    riku.voipio@iki.fi         |
kirkkonummentie 33     |    +358 40 8476974          --+--
02140 Espoo            |                               |
dark> A bad analogy is like leaky screwdriver          |