Re: [Asrg] DNS-based Email Sender Authentication Mechanisms: a Critical Review

"Chris Lewis" <clewis@nortel.com> Tue, 26 May 2009 22:17 UTC

Jose-Marcio Martins da Cruz wrote:

> Well. Me too, I don't understand why it could be interesting to check SPF in the MUA. It
> may be interesting to check SPF when one has access to both sender domain and IP address
> of the SMTP client connecting to the MTA. This information isn't usually available to the
> MUA, unless it trusts the data available in headers.

The Thunderbird SPF/DK plugin, for example, has a configuration option 
that tells it how to parse the Received lines to pluck out the IP and 
HELO recorded in the Received line the user's perimeter MTA has generated.

It works well enough in that regard.

[The plugin isn't compliant with SPF per se, it checks From:, because it 
usually can't get the MAIL FROM.  This is configurable.]

I experimented with it.  It works.  But doesn't add enough to be 
worthwhile if you already have decent MTA-end filtering.

If you don't have decent MTA filtering, it might be worthwhile.
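
An added example, not part of the original message and not the plugin's code: one way an MUA-side check can pluck the client IP and HELO out of the Received line stamped by the user's own perimeter MTA while ignoring trace lines supplied by the sender. It assumes Postfix/Sendmail-style Received lines; the function names, host names and addresses are constructed for illustration.

```javascript
// Added example. Assumes trace lines of the form
//   "from <HELO> (<rdns> [<IP>]) by <host> ..."  (Postfix/Sendmail style).
function unfoldHeaders(raw) {
  const head = raw.split(/\r?\n\r?\n/)[0];            // header block only
  return head.replace(/\r?\n[ \t]+/g, " ").split(/\r?\n/);
}

// perimeterHost is the configured name of the user's own border MTA.
function perimeterClient(raw, perimeterHost) {
  const received = unfoldHeaders(raw)
    .filter((h) => /^Received:/i.test(h))
    .map((h) => h.replace(/^Received:\s*/i, ""));
  // Each hop prepends its line, so the topmost line stamped by our own
  // perimeter MTA is the only one not supplied by the sender. Lines below
  // it, even ones claiming "by <perimeterHost>", may be forged.
  for (const line of received) {
    const by = /\bby\s+([^\s;()]+)/i.exec(line);
    if (!by || by[1].toLowerCase() !== perimeterHost.toLowerCase()) continue;
    const from = /^from\s+(\S+)\s+\(([^)]*)\)/i.exec(line);
    const ip = from && /\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]/.exec(from[2]);
    if (!ip) return null;            // unparseable: give no result, no guess
    return { helo: from[1], ip: ip[1] };
  }
  return null;                       // message never crossed the perimeter
}

// Constructed sample: an internal hop, the real perimeter hop, then a
// sender-supplied line that pretends to come from the perimeter MTA.
const SAMPLE = [
  "Received: from mailstore.example.net (localhost [127.0.0.1])",
  "\tby mailstore.example.net (Postfix) with ESMTP id 1A2B3C;",
  "\tTue, 26 May 2009 15:17:26 -0700 (PDT)",
  "Received: from out.sender.example (out.sender.example [192.0.2.25])",
  "\tby mx.example.net (Postfix) with ESMTP id 4D5E6F;",
  "\tTue, 26 May 2009 15:16:12 -0700 (PDT)",
  "Received: from trusted.example (trusted.example [198.51.100.7])",
  "\tby mx.example.net (Postfix) with ESMTP id FORGED;",
  "\tTue, 26 May 2009 15:10:00 -0700 (PDT)",
  "From: someone@sender.example",
  "",
  "body",
].join("\r\n");

console.log(perimeterClient(SAMPLE, "mx.example.net"));
```

The IP and HELO returned here are the inputs an SPF check needs from the connection; the domain to check still has to come from elsewhere, which is why the plugin falls back to From:.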