[Asrg] where the message originated (was: DKIM role?) (SM)
Ian Eiloart
iane at sussex.ac.uk
Mon Jan 19 03:16:19 PST 2009
--On 15 January 2009 16:13:20 +0000 David Wilson <David.Wilson at isode.com>
wrote:
> On Thu, 2009-01-15 at 14:57 +0000, Ian Eiloart wrote:
>> > Depends on what that prevention requires. ("Sure you can prevent
>> abuse
>> > of your domain. You just need to enter into a bilateral agreement
>> with
>> > every receiving mailhost on the net.")
>>
>> No, you just need to sign your outgoing email, and publish SPF
>> records.
>
> And make sure that you send from hosts which are permitted by your SPF
> info.
>
> At one point I purchased on-line from Maplin, so they send me marketing
> messages. maplin.co.uk has SPF information, but these messages are not
> sent from one of the permitted hosts!
And, right now, they don't much care about that. Why? Because too few
people respect SPF records. I'll bet that if, say, a couple of the major
email service providers, or all .gov or .gov.uk addresses started to do so,
then Maplin would start to get that right.
>
> I have also seen an SPF failure on a message from a friend who has a
> 'vanity' domain for their family. The message came via their ISP's MTA,
> and so failed as this is not permitted by their SPF info. In this case
> the SPF info has probably been created by the domain registration
> organization.
They'll need to get their SPF records right. We probably need better tools
to enable this.
>
>
>
> _______________________________________________
> Asrg mailing list
> Asrg at irtf.org
> http://www.irtf.org/mailman/listinfo/asrg
--
Ian Eiloart
IT Services, University of Sussex
x3148
More information about the Asrg
mailing list