Re: [Asrg] Re: RMX evaluation / Paul Vixie's procedure
On Friday 09 May 2003 12:06 am, william@elan.net wrote:
> Envelope "From:" is the worst case since most mailing lists use their own
> mailfrom and do not change "From:" (do not assume that what you see in
> Outlook is what others would see or that it's really how a maillist message
> looks), so when your message arrives and a mailfrom-aware recipient
> server checks and sees that envelope "From:" is from a domain that has a
> mailfrom record but the connecting mailserver is not on the list of that domain's
> outgoing mail servers, then it would reject that email - to deal with this
> you have to whitelist the maillist to let it through. But if you whitelist
> the maillist then a spammer can use that and forge "mailfrom" to appear that
> the message is coming out of the maillist and then your server will accept the
> email even though it came from a spammer and even though he did not have
> the right to use this envelope "From:".

I re-read my message again and my use of the terms envelope-from and mail-from
was just not done right. Where I said "envelope from" I meant the "mail
from:" part of the SMTP transaction and where I said "mail from" I meant the
mail's "from:" header. But there really isn't any way people could know that
from reading my message. (I will blame the late hour but I should have been
more careful.)

If the "from:" header doesn't match the "mail from" then the MUA should
indicate that to the user.

If the "mail from" doesn't pass the MX MAIL-FROM lookup then the mail should
be able to be denied.

If the "from:" header doesn't pass the MX MAIL-FROM lookup then a warning
might be in order but not a deny since that would disable mailing list
action.

Sorry for the confusion.

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg
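
The three rules in the message above, worked through as an added example (not code from the poster or the list). The lookup is simulated with a constructed table of documentation address ranges, the names `AUTHORIZED_SENDERS`, `passes_lookup` and `evaluate` are hypothetical, and treating a domain that publishes no record as unrestricted is an assumption.

```python
import ipaddress
from email import message_from_string
from email.utils import parseaddr

# Constructed stand-in for the per-domain sender records discussed in the
# thread; a real deployment would query DNS instead of this table.
AUTHORIZED_SENDERS = {
    "example.org": ["192.0.2.0/24"],            # a poster's own domain
    "lists.example.net": ["198.51.100.25/32"],  # the mailing list host
}

def address_of(value):
    """Bare lower-cased address from 'Name <user@host>' or 'user@host'."""
    return parseaddr(value)[1].lower()

def passes_lookup(address, client_ip):
    """True if client_ip is a listed outgoing server for the address's domain.
    Assumption: a domain with no record places no restriction."""
    nets = AUTHORIZED_SENDERS.get(address.rpartition("@")[2])
    if nets is None:
        return True
    ip = ipaddress.ip_address(client_ip)
    return any(ip in ipaddress.ip_network(n) for n in nets)

def evaluate(client_ip, mail_from, raw_message):
    """Return (verdict, warnings) for one SMTP delivery attempt."""
    envelope = address_of(mail_from)
    # Rule 2: a failed lookup on SMTP MAIL FROM may be denied outright.
    if not passes_lookup(envelope, client_ip):
        return "deny", ["MAIL FROM domain does not list this server"]
    warnings = []
    header = address_of(message_from_string(raw_message).get("From", ""))
    # Rule 1: a From: header that differs from MAIL FROM is shown to the user.
    if header != envelope:
        warnings.append("From: header differs from MAIL FROM")
    # Rule 3: a failed lookup on the From: header only warns, so that
    # mailing-list mail (list envelope, author's From:) still gets through.
    if not passes_lookup(header, client_ip):
        warnings.append("From: header domain does not list this server")
    return "accept", warnings

if __name__ == "__main__":
    msg = "From: Alice <alice@example.org>\nSubject: test\n\nbody\n"  # constructed
    print(evaluate("198.51.100.25", "asrg-bounces@lists.example.net", msg))
```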