Please use a MUA that indents quotes properly.
On Tuesday 28 August 2007 00:45, Rick Cooper wrote:
> > Forwarded mail isn't send from my server. It is sent from the sender. I am
> > relaying the message and it's not up to me to mangle the from address. The
> > people who I farward to want the from
ould like to note that the last time around, I asked you to stop
perpetuating your "SPF is hopelessly broken and must die!" thread. It
appears you have not done this -- while you didn't initiate the
"SPF-Compliant Spam" thread, you've taken it over and are now dominating
Magnus Holmgren wrote:
> That's precisely "applying SPF without thinking". Anyone who does that
> should be fired, nuked or something worse.
The world is full of incompetent mailserver-admins.
/Per Jessen, Zürich
Marc Perkel <[EMAIL PROTECTED]> writes:
> Yes it does break email forwarding because if you have restrictive SPF and it
> gets forwarded then the forwarding server
> isn't a valid server. Thus if the receiving server enforces SPF rules then it
> bounces the forwared message.
No. Once it has bee
On Mon, 27 Aug 2007, Marc Perkel wrote:
> Matt Kettler wrote:
> > Marc Perkel wrote:
> >
> >> Matt Kettler wrote:
> >>
> >>> Marc Perkel wrote:
> >>>
> >>>
> SPF breaks email forwarding.
>
>
> >>> SPF breaks mail forwarding services that are unwilling to expend a
> >>> little effort
Matt Kettler wrote:
Marc Perkel wrote:
Matt Kettler wrote:
Marc Perkel wrote:
SPF breaks email forwarding.
SPF breaks mail forwarding services that are unwilling to expend a
little effort to modify their MAIL FROM handling. There's documented
ways to do thi
Marc Perkel wrote:
>
>
> Matt Kettler wrote:
>> Marc Perkel wrote:
>>
>>> SPF breaks email forwarding.
>>>
>>>
>>>
>> SPF breaks mail forwarding services that are unwilling to expend a
>> little effort to modify their MAIL FROM handling. There's documented
>> ways to do this, you're just un
> -Original Message-
> From: Marc Perkel [mailto:[EMAIL PROTECTED]
> Sent: Monday, August 27, 2007 5:29 PM
> To: Meng Weng Wong
> Cc: Kelson; users@spamassassin.apache.org
> Subject: Re: SPF-Compliant Spam
>
>
>
> Meng Weng Wong wrote:
&g
_
From: Marc Perkel [mailto:[EMAIL PROTECTED]
Sent: Monday, August 27, 2007 5:26 PM
To: Bernd Petrovitsch
Cc: users@spamassassin.apache.org
Subject: Re: SPF-Compliant Spam
Bernd Petrovitsch wrote:
On Mon, 2007-08-27 at 12:50 -0700, Marc Perkel wrote:
[...]
I don't su
_
From: Marc Perkel [mailto:[EMAIL PROTECTED]
Sent: Monday, August 27, 2007 3:49 PM
To: users@spamassassin.apache.org
Subject: Re: SPF-Compliant Spam
Kai Schaetzl wrote:
Justin Mason wrote on Mon, 27 Aug 2007 14:35:39 +0100:
On the contrary, we in SpamAssassin find it
On Mon, 2007-08-27 at 14:58 -0700, Marc Perkel wrote:
[...]
> Some of the flaws in SPF
> The flaws in SPF are numerous and severalfold.
>
> * SPF breaks pre-delivery forwarding.
BTW the trivial solution to this problem is that your customers simply
add your mailservers to the SPF rercords.
Marc Perkel wrote:
It isn't even a forgery tool because if will return a false positive
of forwarded email.
If the domain owner doesn't want his domain to be used as sender address
in email not sent by his servers, then there is no FP. It is a policy
enforcement.
Feel free to accept su
2007/8/27, Marc Perkel <[EMAIL PROTECTED]>:
>
> http://homepages.tesco.net/J.deBoynePollard/FGA/smtp-spf-is-harmful.html
>
>
> SPF is harmful. Adopt it. You've come to this page because you've said
> something similar to the following:
>
>
> SPF ("sender permitted from" a.k.a. "sender policy frame
J o a r wrote on Mon, 27 Aug 2007 23:04:31 +0200:
> Why would I, as a SPF publishing domain owner, care if they have
> anything else to check?
> As long as they reject messages that fail SPF checks for my domain,
> my problem is solved.
If you see it from that perspective, yes. But the point
2007/8/27, Marc Perkel <[EMAIL PROTECTED]>:
>
>
>
> Luis Hernán Otegui wrote:
> 2007/8/27, Marc Perkel <[EMAIL PROTECTED]>:
>
>
> Meng Weng Wong wrote:
>
>
> On Aug 27, 2007, at 11:39 AM, Kelson wrote:
>
>
>
> Jason Bertoch wrote:
>
>
> Is it wise to blacklist both, or is this yet another cas
http://homepages.tesco.net/J.deBoynePollard/FGA/smtp-spf-is-harmful.html
SPF is harmful. Adopt it.
You've come to this page because you've said something similar to the
following:
SPF ("sender permitted from" a.k.a. "sender policy framework") is a
scheme designed to prevent forgery of
Marc Perkel wrote:
SPF is useless.
Oh, of course. No matter how many times people point out uses they've
found for it, no matter whether those uses are actually impacted by
email forwarding or not, you're right, obviously we're all living in a
fantasy world because the only *possible* thing
Luis Hernán Otegui wrote:
2007/8/27, Marc Perkel <[EMAIL PROTECTED]>:
Meng Weng Wong wrote:
On Aug 27, 2007, at 11:39 AM, Kelson wrote:
Jason Bertoch wrote:
Is it wise to blacklist both, or is this yet another case where SPF
has failed
to meet projections?
On Monday 27 August 2007 21:54, Marc Perkel wrote:
> Magnus Holmgren wrote:
> > SPF does not in itself break email forwarding. SPF tells MTAs where mail
> > with certain senders may originate from. It's their job to know if the
> > recipient forwards mail from the connecting host. It can be tricky,
2007/8/27, Marc Perkel <[EMAIL PROTECTED]>:
>
>
> Meng Weng Wong wrote:
> > On Aug 27, 2007, at 11:39 AM, Kelson wrote:
> >
> >> Jason Bertoch wrote:
> >>> Is it wise to blacklist both, or is this yet another case where SPF
> >>> has failed
> >>> to meet projections?
> >>
> >> It's a case where the
On Mon, 2007-08-27 at 14:26 -0700, Marc Perkel wrote:
> Bernd Petrovitsch wrote:
> > On Mon, 2007-08-27 at 12:50 -0700, Marc Perkel wrote:
[...]
> > Where is the real problem?
> >
> > BTW I see "from mangling" as a conceptual necessary thing: Simply
> > because the forwarded mail is actually sent
Bill Landry wrote:
j o a r wrote:
On 27 aug 2007, at 21.20, Kai Schaetzl wrote:
That's wrong. Even if all servers in the world would check SPF you would
achieve *nothing* as the big majority of mail doesn't have anything to
check.
Why would I, as a SPF publishing domain owner
Meng Weng Wong wrote:
On Aug 27, 2007, at 11:39 AM, Kelson wrote:
Jason Bertoch wrote:
Is it wise to blacklist both, or is this yet another case where SPF
has failed
to meet projections?
It's a case where the spammer has just handed you useful information:
You know for sure that the doma
j o a r wrote:
>
> On 27 aug 2007, at 21.20, Kai Schaetzl wrote:
>
>> That's wrong. Even if all servers in the world would check SPF you would
>> achieve *nothing* as the big majority of mail doesn't have anything to
>> check.
>
>
> Why would I, as a SPF publishing domain owner, care if they ha
Bernd Petrovitsch wrote:
On Mon, 2007-08-27 at 12:50 -0700, Marc Perkel wrote:
[...]
I don't support from mangling and I'm talking about email forwarded to
us from other servers who also don't do from mangling.
So "not from-mangled" forwarded email cannot be (technically and quite
si
On 27 aug 2007, at 21.20, Kai Schaetzl wrote:
That's wrong. Even if all servers in the world would check SPF you
would
achieve *nothing* as the big majority of mail doesn't have anything to
check.
Why would I, as a SPF publishing domain owner, care if they have
anything else to check?
As
On Mon, 2007-08-27 at 12:50 -0700, Marc Perkel wrote:
[...]
> I don't support from mangling and I'm talking about email forwarded to
> us from other servers who also don't do from mangling.
So "not from-mangled" forwarded email cannot be (technically and quite
simply) distinguished from intended s
On Aug 27, 2007, at 11:39 AM, Kelson wrote:
Jason Bertoch wrote:
Is it wise to blacklist both, or is this yet another case where
SPF has failed
to meet projections?
It's a case where the spammer has just handed you useful
information: You know for sure that the domain name is, indeed, the
Magnus Holmgren wrote:
On Monday 27 August 2007 15:26, Marc Perkel wrote:
Jason Bertoch wrote:
I think it's safe to say I'm not in the minority when I receive
SPF-Compliant spam. I'm looking for opinions on what we can honestly
derive from such messages regard
Matt Kettler wrote:
Marc Perkel wrote:
SPF breaks email forwarding.
SPF breaks mail forwarding services that are unwilling to expend a
little effort to modify their MAIL FROM handling. There's documented
ways to do this, you're just unwilling, and instead you'll continue to
repeat t
Kai Schaetzl wrote:
Justin Mason wrote on Mon, 27 Aug 2007 14:35:39 +0100:
On the contrary, we in SpamAssassin find it useful.
I have to agree with Marc in this special case. It's not very useful. The
reason I think this is that the amount of domains that use SPF is scarce,
*reall
J o a r wrote on Mon, 27 Aug 2007 19:37:41 +0200:
> The number of domains publishing SPF records have nothing to do with
> how useful it is. The number of servers checking and respecting these
> SPF records is what matters
That's wrong. Even if all servers in the world would check SPF you wou
Jason Bertoch wrote:
I think it's safe to say I'm not in the minority when I receive SPF-Compliant
spam. I'm looking for opinions on what we can honestly derive from such
messages regarding the sending server's IP and the sending address' domain name.
Is it wise to b
On 27 aug 2007, at 18.55, Per Jessen wrote:
From a professional standpoint, it's not (yet) particularly useful.
Domains that publish an SPF record are still very rare (around here).
The number of domains publishing SPF records have nothing to do with
how useful it is. The number of server
"Jason Bertoch" <[EMAIL PROTECTED]> writes:
> I think it's safe to say I'm not in the minority when I receive SPF-Compliant
> spam. I'm looking for opinions on what we can honestly derive from such
> messages regarding the sending server's IP and the
Kai Schaetzl wrote:
> I have to agree with Marc in this special case. It's not very useful.
> The reason I think this is that the amount of domains that use SPF is
> scarce, *really* scarce. I kept an eye on this for some weeks with the
> help of milter-spf and less than 5% of all mail had SPF.
Matt Kettler wrote:
> SPF breaks mail forwarding services that are unwilling to expend a
> little effort to modify their MAIL FROM handling.
Forwarding services are only a minor issue. We have the forwarding
issue every day - people forward mail from a personal domain to their
work address. An
Jason Bertoch wrote:
I think it's safe to say I'm not in the minority when I receive SPF-Compliant
spam. I'm looking for opinions on what we can honestly derive from such
messages regarding the sending server's IP and the sending address' domain name.
Is it wise to b
On Mon, 2007-08-27 at 08:59 -0400, Jason Bertoch wrote:
> I think it's safe to say I'm not in the minority when I receive SPF-Compliant
> spam. I'm looking for opinions on what we can honestly derive from such
> messages regarding the sending server's IP and the se
On Mon, 2007-08-27 at 09:47 -0400, Jason Bertoch wrote:
> On Monday, August 27, 2007 9:27 AM Magnus Holmgren wrote:
>
> > For spammers to be able to send SPF-authenticated spam using botnets,
> > they usually have to authorize ridiculously large address blocks, for
> > example with "+all" or "+a:0
On Monday 27 August 2007 15:26, Marc Perkel wrote:
> Jason Bertoch wrote:
> > I think it's safe to say I'm not in the minority when I receive
> > SPF-Compliant spam. I'm looking for opinions on what we can honestly
> > derive from such messages regar
Marc Perkel wrote:
>
>
> Justin Mason wrote:
>> On the contrary, we in SpamAssassin find it useful.
>>
>>
>
> How do you avoid a false positive on forwarded email?
Since my other mail is long, a short reply to this direct question is in
order.
put the forwarder in trusted_networks and internal_
Marc Perkel wrote:
>
>
> SPF breaks email forwarding.
>
>
SPF breaks mail forwarding services that are unwilling to expend a
little effort to modify their MAIL FROM handling. There's documented
ways to do this, you're just unwilling, and instead you'll continue to
repeat this partial truth. (everyt
Justin Mason wrote on Mon, 27 Aug 2007 14:35:39 +0100:
> On the contrary, we in SpamAssassin find it useful.
I have to agree with Marc in this special case. It's not very useful. The
reason I think this is that the amount of domains that use SPF is scarce,
*really* scarce. I kept an eye on this
Justin Mason wrote:
Marc Perkel writes:
Jason Bertoch wrote:
I think it's safe to say I'm not in the minority when I receive
SPF-Compliant spam. I'm looking for opinions on what we can honestly
derive from such messages regarding the sending server's IP and
On Monday, August 27, 2007 9:27 AM Magnus Holmgren wrote:
> For spammers to be able to send SPF-authenticated spam using botnets,
> they usually have to authorize ridiculously large address blocks, for
> example with "+all" or "+a:0.0.0.0/2 +a:64.0.0.0/2 +a:128.0.0.0/2
> +a:192.0.0.0/2", so it's p
Marc Perkel writes:
> Jason Bertoch wrote:
> > I think it's safe to say I'm not in the minority when I receive
> > SPF-Compliant spam. I'm looking for opinions on what we can honestly
> > derive from such messages regarding the sending server's IP and th
On Monday 27 August 2007 14:59, Jason Bertoch wrote:
> I think it's safe to say I'm not in the minority when I receive
> SPF-Compliant spam. I'm looking for opinions on what we can honestly
> derive from such messages regarding the sending server's IP and the sending
Jason Bertoch wrote:
I think it's safe to say I'm not in the minority when I receive SPF-Compliant
spam. I'm looking for opinions on what we can honestly derive from such
messages regarding the sending server's IP and the sending address' domain name.
Is it wise to b
Jason Bertoch wrote:
> I think it's safe to say I'm not in the minority when I receive SPF-Compliant
> spam. I'm looking for opinions on what we can honestly derive from such
> messages regarding the sending server's IP and the sending address' domain
> nam
I think it's safe to say I'm not in the minority when I receive SPF-Compliant
spam. I'm looking for opinions on what we can honestly derive from such
messages regarding the sending server's IP and the sending address' domain name.
Is it wise to blacklist both, or is th
51 matches
Mail list logo
