Re: [Asrg] misconception in SPF
Christian Grunfeld <christian.grunfeld@gmail.com> Mon, 10 December 2012 17:00 UTC
Return-Path: <christian.grunfeld@gmail.com>
X-Original-To: asrg@ietfa.amsl.com
Delivered-To: asrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4CA4821F8532 for <asrg@ietfa.amsl.com>; Mon, 10 Dec 2012 09:00:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.38
X-Spam-Level:
X-Spam-Status: No, score=-3.38 tagged_above=-999 required=5 tests=[AWL=0.219, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id N3huOw6lObua for <asrg@ietfa.amsl.com>; Mon, 10 Dec 2012 09:00:51 -0800 (PST)
Received: from mail-vb0-f54.google.com (mail-vb0-f54.google.com [209.85.212.54]) by ietfa.amsl.com (Postfix) with ESMTP id A60EF21F8528 for <asrg@irtf.org>; Mon, 10 Dec 2012 09:00:51 -0800 (PST)
Received: by mail-vb0-f54.google.com with SMTP id l1so3526422vba.13 for <asrg@irtf.org>; Mon, 10 Dec 2012 09:00:51 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; bh=UxqxRq/yBYlhlsQURwZGbQ55gYMQkZmVBTX6rPDgZ5A=; b=MegpptizEMyVJ2WQok2qRKxrD9TRV2QxrMsxVqsKe0Enbx+kWRQAt31bdAJ4z690eq M625okdnHIbv4CCoth9nZmN9g6vbbrbJ7HaMEDgc/IQxW0bPk/wMC+T4DVtcteHQle4A 4I75ah/fWdLaXZMqCXUWYBO/hFQJjiLXPGw2Gl5AUeOzjYUSoYsiNVD2O7vTDhTPiuR9 5ulVsUzQ4edTFDdMrJcaJDw9R8ALVdDnT6eyL/UlMsUgfR2IgETdvesZhY1wJkVPrrfi zIoXBOnacQPFk5FxUxb/uGlul8nvPpKDtEb9e35MvoTx48i6yy5IEMLSmcn+pAaJOFmz cGkg==
MIME-Version: 1.0
Received: by 10.220.239.143 with SMTP id kw15mr9108989vcb.62.1355158850727; Mon, 10 Dec 2012 09:00:50 -0800 (PST)
Received: by 10.58.235.131 with HTTP; Mon, 10 Dec 2012 09:00:50 -0800 (PST)
In-Reply-To: <50C60F9E.1060202@mustelids.ca>
References: <20121206212116.10328.qmail@joyce.lan> <50C1A95A.5000001@pscs.co.uk> <50C4A7F8.3010201@dcrocker.net> <CAFdugamTbTirVV2zXKOmc9oTaCS+QiTemhT=jvYJnHYscHQK7g@mail.gmail.com> <0D79787962F6AE4B84B2CC41FC957D0B20ACE6D0@ABN-EXCH1A.green.sophos> <20121209213307.D90C12429B@panix5.panix.com> <CAFduganBR_E-ui-3Xbic6F7qSmg1-Q+ideXLvb+1isLz8OF0Nw@mail.gmail.com> <0D79787962F6AE4B84B2CC41FC957D0B20ACFFE1@ABN-EXCH1A.green.sophos> <50C5A9A0.105@pscs.co.uk> <0D79787962F6AE4B84B2CC41FC957D0B20AD01B2@ABN-EXCH1A.green.sophos> <20121210145627.GA21217@gsp.org> <CAFdugakdqoN7S2YuWEVHo_YaOZJTPKt1w7tdcn8oasB=gb+qcg@mail.gmail.com> <50C60F9E.1060202@mustelids.ca>
Date: Mon, 10 Dec 2012 14:00:50 -0300
Message-ID: <CAFdugakaY6Lh_5HR8xN7YqrimO9nM72mpxtLwE7T0CpKFu75tA@mail.gmail.com>
From: Christian Grunfeld <christian.grunfeld@gmail.com>
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Subject: Re: [Asrg] misconception in SPF
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Dec 2012 17:00:52 -0000
2012/12/10 Chris Lewis <clewis+ietf@mustelids.ca>: > You mean like this? > > _spf.google.com. 300 IN TXT "v=spf1 include:_netblocks.google.com ?all" google´s domain for sending mail is gmail.com. gmail.com is a virtual domain with no subdomains (afaik) and is mapped onto google, so if you check the senders no aa@bb.gmail.com could pass even using SPF or not. as you said, if you dig: dig -t txt gmail.com ;; ANSWER SECTION: gmail.com. 244 IN TXT "v=spf1 redirect=_spf.google.com" dig -t txt _spf.google.com ;; ANSWER SECTION: _spf.google.com. 300 IN TXT "v=spf1 include:_netblocks.google.com ?all" if you dig a bit more: dig -t txt www.google.com you get no answer because there is not SPF record for www.google.com, so you can forge emails as if they come from www.google.com even if there exists an SPF record for google.com !
- Re: [Asrg] misconception in SPF John Levine
- [Asrg] misconception in SPF Christian Grunfeld
- Re: [Asrg] misconception in SPF Christian Grunfeld
- Re: [Asrg] misconception in SPF Derek Diget
- Re: [Asrg] misconception in SPF Martijn Grooten
- Re: [Asrg] misconception in SPF John Levine
- Re: [Asrg] misconception in SPF Christian Grunfeld
- Re: [Asrg] misconception in SPF Paul Smith
- Re: [Asrg] misconception in SPF Christian Grunfeld
- Re: [Asrg] misconception in SPF Andrew Sullivan
- Re: [Asrg] misconception in SPF Paul Smith
- Re: [Asrg] misconception in SPF darxus
- Re: [Asrg] misconception in SPF SM
- Re: [Asrg] misconception in SPF darxus
- Re: [Asrg] misconception in SPF Daniel Feenberg
- Re: [Asrg] misconception in SPF Paul Smith
- Re: [Asrg] misconception in SPF John Levine
- Re: [Asrg] various anti-spam techniques, was misc… John Levine
- Re: [Asrg] various anti-spam techniques, was misc… Rich Kulawiec
- Re: [Asrg] misconception in SPF SM
- Re: [Asrg] misconception in SPF Bill Cole
- Re: [Asrg] various anti-spam techniques, was misc… Christian Grunfeld
- Re: [Asrg] various anti-spam techniques, was misc… John Levine
- Re: [Asrg] misconception in SPF John Levine
- Re: [Asrg] misconception in SPF Alessandro Vesely
- Re: [Asrg] misconception in SPF Bill Cole
- Re: [Asrg] misconception in SPF Paul Smith
- Re: [Asrg] misconception in SPF Andrew Sullivan
- Re: [Asrg] misconception in SPF SM
- Re: [Asrg] misconception in SPF Dave Crocker
- Re: [Asrg] misconception in SPF Christian Grunfeld
- Re: [Asrg] misconception in SPF Dave Crocker
- Re: [Asrg] misconception in SPF Martijn Grooten
- Re: [Asrg] misconception in SPF John Levine
- Re: [Asrg] misconception in SPF Seth
- Re: [Asrg] misconception in SPF Christian Grunfeld
- Re: [Asrg] misconception in SPF John Levine
- Re: [Asrg] misconception in SPF John Levine
- Re: [Asrg] misconception in SPF Franck Martin
- Re: [Asrg] misconception in SPF Martijn Grooten
- Re: [Asrg] misconception in SPF Paul Smith
- Re: [Asrg] misconception in SPF Alessandro Vesely
- Re: [Asrg] misconception in SPF Martijn Grooten
- Re: [Asrg] misconception in SPF Dotzero
- Re: [Asrg] misconception in SPF Rich Kulawiec
- Re: [Asrg] misconception in SPF Christian Grunfeld
- Re: [Asrg] misconception in SPF Dave Crocker
- Re: [Asrg] misconception in SPF Chris Lewis
- [Asrg] whitelisting links (was Re: misconception … Dave Crocker
- Re: [Asrg] misconception in SPF Martijn Grooten
- Re: [Asrg] misconception in SPF Dave Crocker
- Re: [Asrg] misconception in SPF Christian Grunfeld
- Re: [Asrg] whitelisting links (was Re: misconcept… Paul Smith
- Re: [Asrg] misconception in SPF Martijn Grooten
- Re: [Asrg] whitelisting links (was Re: misconcept… Martijn Grooten
- Re: [Asrg] whitelisting links (was Re: misconcept… darxus
- Re: [Asrg] misconception in SPF Eggert, Lars
- Re: [Asrg] misconception in SPF Christian Grunfeld
- Re: [Asrg] whitelisting links (was Re: misconcept… Dave Crocker
- Re: [Asrg] whitelisting links (was Re: misconcept… Martijn Grooten
- Re: [Asrg] whitelisting links (was Re: misconcept… Michael Thomas
- Re: [Asrg] misconception in SPF John Levine
- Re: [Asrg] misconception in SPF Chris Lewis
- Re: [Asrg] whitelisting links (was Re: misconcept… Paul Smith
- Re: [Asrg] whitelisting links (was Re: misconcept… Steve Atkins
- Re: [Asrg] whitelisting links (was Re: misconcept… Martijn Grooten
- Re: [Asrg] whitelisting links (was Re: misconcept… Dave Crocker
- Re: [Asrg] whitelisting links (was Re: misconcept… Martijn Grooten
- Re: [Asrg] whitelisting links (was Re: misconcept… Christian Grunfeld
- Re: [Asrg] whitelisting links (was Re: misconcept… Dave Crocker
- Re: [Asrg] whitelisting links (was Re: misconcept… Chris Lewis
- Re: [Asrg] misconception in SPF Alessandro Vesely
- Re: [Asrg] whitelisting links (was Re: misconcept… Paul Smith
- Re: [Asrg] whitelisting links (was Re: misconcept… Martijn Grooten
- Re: [Asrg] misconception in SPF Martijn Grooten
- Re: [Asrg] whitelisting links (was Re: misconcept… Rich Kulawiec
- Re: [Asrg] whitelisting links (was Re: misconcept… Michael Thomas
- Re: [Asrg] misconception in SPF John Levine
- Re: [Asrg] whitelisting links (was Re: misconcept… John Johnson
- Re: [Asrg] misconception in SPF John Johnson
- Re: [Asrg] whitelisting links (was Re: misconcept… Michael Thomas
- Re: [Asrg] whitelisting links (was Re: misconcept… John Levine
- Re: [Asrg] misconception in SPF Dotzero
- Re: [Asrg] misconception in SPF John Levine
- Re: [Asrg] misconception in SPF Laura Atkins
- Re: [Asrg] DMARC, was misconception in SPF John Levine