Re: SPF (was: Re: Bug#257644: ITP: libspf2 -- Sender Policy Framework library, written in C)

To: debian-devel@lists.debian.org
Subject: Re: SPF (was: Re: Bug#257644: ITP: libspf2 -- Sender Policy Framework library, written in C)
From: Isaac To <iketo2@netscape.net>
Date: 25 Jul 2004 00:24:14 +0800
Message-id: <[🔎] 87u0vx2x1t.fsf@sinken.local.csis.hku.hk>
In-reply-to: <[🔎] 3939595a.0407231033.3063ce14@posting.google.com>
References: <[🔎] 20040704214611.39525198CD6@nightcrawler> <[🔎] 1089024707.20634.5.camel@leom181.leom.ec-lyon.fr> <[🔎] 200407051315.55946@fortytwo.ch> <[🔎] 87llhymqid.fsf@sinken.local.csis.hku.hk> <[🔎] 3939595a.0407220943.6dc21107@posting.google.com> <[🔎] 87vfgfa5p0.fsf@sinken.local.csis.hku.hk> <[🔎] 3939595a.0407231033.3063ce14@posting.google.com>

>>>>> "Erik" == Erik Aronesty <erik@zoneedit.com> writes:

    Erik> I was thinking that a spammer could creates an envelope
    Erik> address with
    Erik> "SRS0+hash=timestamp=aol.com=bob@throwawaydomain.com" and a
    Erik> From: bob@aol.com with valid SPF info in
    Erik> throwawaydomain.com.

    Erik> They, obviously, could do this.  Someone who sees that spam
    Erik> will, likely, blame aol.com and not "throwawaydomain.com".
    Erik> Just like spammers use throwawar IP's to send mail, they
    Erik> will use throwaway domains to masquerate as forwarding
    Erik> agents - just like they use throwaway IP's now.

BTW, forwarding is normally set up manually, e.g., you might want your
university to forward all mails to you home ISP account.  So you know
exactly who are your valid forwarders (here, your university only).
Your case would then be trivially blocked in the client side.

Regards,
Isaac.

Reply to:

Follow-Ups:
- Re: SPF (was: Re: Bug#257644: ITP: libspf2 -- Sender Policy Framework library, written in C)
  - From: erik@zoneedit.com (Erik Aronesty)

References:
- Bug#257644: ITP: libspf2 -- Sender Policy Framework library, written in C
  - From: Eric Dorland <eric@debian.org>
- Re: Bug#257644: ITP: libspf2 -- Sender Policy Framework library, written in C
  - From: Josselin Mouette <joss@debian.org>
- SPF (was: Re: Bug#257644: ITP: libspf2 -- Sender Policy Framework library, written in C)
  - From: Adrian 'Dagurashibanipal' von Bidder <avbidder@fortytwo.ch>
- Re: SPF (was: Re: Bug#257644: ITP: libspf2 -- Sender Policy Framework library, written in C)
  - From: Isaac To <iketo2@netscape.net>
- Re: SPF (was: Re: Bug#257644: ITP: libspf2 -- Sender Policy Framework library, written in C)
  - From: erik@zoneedit.com (Erik Aronesty)
- Re: SPF (was: Re: Bug#257644: ITP: libspf2 -- Sender Policy Framework library, written in C)
  - From: Isaac To <iketo2@netscape.net>
- Re: SPF (was: Re: Bug#257644: ITP: libspf2 -- Sender Policy Framework library, written in C)
  - From: erik@zoneedit.com (Erik Aronesty)

Prev by Date: Re: SPF (was: Re: Bug#257644: ITP: libspf2 -- Sender Policy Framework library, written in C)
Next by Date: Re: Bug#260283: ITP: exact -- exact - EXperimental Access Control Thing
Previous by thread: Re: SPF (was: Re: Bug#257644: ITP: libspf2 -- Sender Policy Framework library, written in C)
Next by thread: Re: SPF (was: Re: Bug#257644: ITP: libspf2 -- Sender Policy Framework library, written in C)
Index(es):
- Date
- Thread