IETF Logo Mail Archive

Re: [Asrg] SPF's helo identity as a reporting target

Alessandro Vesely <vesely@tana.it> Sun, 13 May 2012 18:49 UTC

Return-Path: <vesely@tana.it>
X-Original-To: asrg@ietfa.amsl.com
Delivered-To: asrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D434421F8565 for <asrg@ietfa.amsl.com>; Sun, 13 May 2012 11:49:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.601
X-Spam-Level:
X-Spam-Status: No, score=-4.601 tagged_above=-999 required=5 tests=[AWL=0.118, BAYES_00=-2.599, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AnzQs9qWibic for <asrg@ietfa.amsl.com>; Sun, 13 May 2012 11:49:10 -0700 (PDT)
Received: from wmail.tana.it (www.tana.it [62.94.243.226]) by ietfa.amsl.com (Postfix) with ESMTP id 1C0E621F854F for <asrg@irtf.org>; Sun, 13 May 2012 11:49:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=test; t=1336934949; bh=M9FMZX0Myyr93iATo2KWpr5xarWvQ9U+fTksDtJXqsg=; l=630; h=Message-ID:Date:From:MIME-Version:To:References:In-Reply-To: Content-Transfer-Encoding; b=f8WOqUCskGaj3dozdjIY13e2yYvbO/PUuEV7U3MhedZ1YUvALtn/ojTMM/TzY/edE bVpI75zitiB65kA7F+ucPzBH2d3ci36sFxDMaPzyXAXemAW7x6teCJQRDFSkQsdh21 bzrOlOWfOoqdotyqob6pfloucCG0xLulWNuwncB0=
Received: from [172.25.197.158] (pcale.tana [172.25.197.158]) (AUTH: CRAM-MD5 515, TLS: TLS1.0,256bits,RSA_AES_256_CBC_SHA1) by wmail.tana.it with ESMTPSA; Sun, 13 May 2012 20:49:09 +0200 id 00000000005DC039.000000004FB00225.00001F29
Message-ID: <4FB00224.7010500@tana.it>
Date: Sun, 13 May 2012 20:49:08 +0200
From: Alessandro Vesely <vesely@tana.it>
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:12.0) Gecko/20120428 Thunderbird/12.0.1
MIME-Version: 1.0
To: asrg@irtf.org
References: <4FA8FBCA.3050904@tana.it> <4FAE187B.9030902@tana.it> <4FAEA20F.8090302@mustelids.ca> <4FAF85D0.8050305@tana.it> <4FAFFDB6.4020405@mustelids.ca>
In-Reply-To: <4FAFFDB6.4020405@mustelids.ca>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Subject: Re: [Asrg] SPF's helo identity as a reporting target
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 May 2012 18:49:10 -0000

On Sun 13/May/2012 20:44:58 +0200 Chris Lewis wrote:

> On 12-05-13 05:58 AM, Alessandro Vesely wrote:
> 
>> No, wait.  Didn't I say it has to get an SPF "pass" to get usable?
>> I must have considered it implied... my bad.
> 
> It doesn't help.
> 
> spammerdomain.com IN MX 0  wmail.tana.it.
> spammerdomain.com IN TXT "v=spf1 ip4:0/0 -all"

That's not quite how helo authentication works.  When they say "helo
wmail.tana.it" the server looks up wmail.tana.it.

wmail.tana.it.  IN TXT  "v=spf1 redirect=tana.it"
tana.it.        IN TXT  "v=spf1 +ip4:62.94.243.226 -all"

They won't get a "pass" unless they are using that ip4.

v2.8.7 | Report a Bug | By Email