[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: @debian.org email forwarding and SPF



This one time, at band camp, Andrew Pollock said:
> On Thu, May 20, 2004 at 09:33:34AM +0100, Adam D. Barratt wrote:
> > 
> > It's not stopping the mail because it's spam - it's stopping the mail
> > because the sender address is provably false. What happens when the virus
> > starts sending mail claiming to be from <validuser>@debian.org? It sails
> > straight through the SPF check...
> 
> Dude, honey@d.o is a valid developer's email address...
>  
> > Given the amount of bounces hitting our company server from mail claiming to
> > be from valid local addresses, none of which would have been stopped if both
> > we and the other servers employed SPF, I think the ball is firmly back in
> > your court. :)
> 
> See above.
> 
> Andrew

And so, if it's forwarded to you via your @d.o email, it will make it
through - it's coming from an at d.o address, and an @d.o machine.  Only
if the debian machines start doing SPF checking for @d.o addresses (in
which case nobody would be able to send mail with an envelope from an
@d.o address unless logged in to one of the machines), it won't help, as
I understand it.

-- 
 -----------------------------------------------------------------
|   ,''`.					     Stephen Gran |
|  : :' :					 sgran@debian.org |
|  `. `'			Debian user, admin, and developer |
|    `-					    http://www.debian.org |
 -----------------------------------------------------------------

Attachment: pgpnUdzyggnXr.pgp
Description: PGP signature


Reply to: