Re: [Asrg] SPF's helo identity as a reporting target
Alessandro Vesely <vesely@tana.it> Sun, 13 May 2012 18:40 UTC
Return-Path: <vesely@tana.it>
X-Original-To: asrg@ietfa.amsl.com
Delivered-To: asrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix)
with ESMTP id 9BA0121F854F for <asrg@ietfa.amsl.com>;
Sun, 13 May 2012 11:40:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.599
X-Spam-Level:
X-Spam-Status: No, score=-4.599 tagged_above=-999 required=5 tests=[AWL=0.120,
BAYES_00=-2.599, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y3a6Z4m2BQCd for
<asrg@ietfa.amsl.com>; Sun, 13 May 2012 11:40:40 -0700 (PDT)
Received: from wmail.tana.it (mail.tana.it [62.94.243.226]) by ietfa.amsl.com
(Postfix) with ESMTP id C031421F8546 for <asrg@irtf.org>;
Sun, 13 May 2012 11:40:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=test;
t=1336934433; bh=OVhkn1rarDMQ7V+mHE1DlT3XVuJ5QbuhFI3G8851bA0=; l=1304;
h=Message-ID:Date:From:MIME-Version:To:References:In-Reply-To: Content-Transfer-Encoding;
b=Ys4xCJayZI6b0A9qrrFEs3L1Tw7bXJH/7mhxEkm82ZMA2G3h27k73faUNVCmOFFY6
XjcC+WDuAiUq6yV4Ac7PDJUMl2IXHwnMz6LV1mp/elwiUucg1JD/FaTvS5Y/9LCwRi
ePHJ8MJ7uPhAAi8xwaAv+UOqequVGsPyEYAtEnBc=
Received: from [172.25.197.158] (pcale.tana [172.25.197.158]) (AUTH: CRAM-MD5
515, TLS: TLS1.0,256bits,RSA_AES_256_CBC_SHA1) by wmail.tana.it with ESMTPSA;
Sun, 13 May 2012 20:40:33 +0200 id 00000000005DC039.000000004FB00021.00001D45
Message-ID: <4FB00020.6080105@tana.it>
Date: Sun, 13 May 2012 20:40:32 +0200
From: Alessandro Vesely <vesely@tana.it>
User-Agent: Mozilla/5.0 (Windows NT 5.1;
rv:12.0) Gecko/20120428 Thunderbird/12.0.1
MIME-Version: 1.0
To: asrg@irtf.org
References: <4FA8FBCA.3050904@tana.it> <4FAE187B.9030902@tana.it>
<4FAEA20F.8090302@mustelids.ca> <4FAF85D0.8050305@tana.it>
<4FAFD34F.6010301@mustelids.ca> <4FAFEDA8.4090009@tana.it>
<4FAFF773.10207@mustelids.ca>
In-Reply-To: <4FAFF773.10207@mustelids.ca>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Subject: Re: [Asrg] SPF's helo identity as a reporting target
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/asrg>,
<mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>,
<mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 May 2012 18:40:40 -0000
On Sun 13/May/2012 20:13:44 +0200 Chris Lewis wrote: > On 12-05-13 01:21 PM, Alessandro Vesely wrote: >> That seems to imply that it is necessary to use scripts to keep helo >> names, IP addresses, and SPF in sync. Would that be worth? > > The reality is going to be is that since it relies on SPF to be valid, > few people would bother implementing it on the sending side, and there > will be more than enough people ignoring the requirement to SPF verify > before trusting it, that kabooms! will still happen. So it would be an error-prone technique? We are talking about /postmasters/ extracting target addresses for abuse reporting, not end users. Shouldn't that imply some knowledge? SPF records are going to sport a new ra= modifier, specifying an address for reporting authentication failures, not abuse. That may bring further confusion, in fact. > There are other ways of doing this that doesn't require ancillary gunk > like SPF. There's at least one IP-based DNSBL that yields the same data. Which one do you mean? DNS lists like abusix get their data from RIRs' whois databases. In that case, virtual MTA providers would have to restrict their choice of network providers based on proper management of whois records, besides cost, bandwidth, uptime, support, ...
- [Asrg] SPF's helo identity as a reporting target Alessandro Vesely
- Re: [Asrg] SPF's helo identity as a reporting tar… Chris Lewis
- Re: [Asrg] SPF's helo identity as a reporting tar… Alessandro Vesely
- Re: [Asrg] SPF's helo identity as a reporting tar… Chris Lewis
- Re: [Asrg] SPF's helo identity as a reporting tar… Alessandro Vesely
- Re: [Asrg] SPF's helo identity as a reporting tar… Chris Lewis
- Re: [Asrg] SPF's helo identity as a reporting tar… Chris Lewis
- Re: [Asrg] SPF's helo identity as a reporting tar… Alessandro Vesely
- Re: [Asrg] SPF's helo identity as a reporting tar… Alessandro Vesely
- Re: [Asrg] SPF's helo identity as a reporting tar… Chris Lewis
- Re: [Asrg] SPF's helo identity as a reporting tar… Chris Lewis
- Re: [Asrg] SPF's helo identity as a reporting tar… Alessandro Vesely
- [Asrg] Reporting targets, was SPF's helo identity… Alessandro Vesely
- Re: [Asrg] SPF's helo identity as a reporting tar… Chris Lewis
- Re: [Asrg] SPF's helo identity as a reporting tar… Rich Kulawiec
- Re: [Asrg] SPF's helo identity as a reporting tar… Alessandro Vesely
- Re: [Asrg] SPF's helo identity as a reporting tar… Douglas Otis