Re: [Asrg] misconception in SPF

darxus@chaosreigns.com Fri, 07 December 2012 18:19 UTC

On 12/07, Paul Smith wrote:
> >>As a random thought, would there be the possibility to add some sort of
> >>marker on a parent domain to say 'we understand MX records, so we don't use
> >>A records for mail within this domain'? So, if you receive mail from
> >>'bibble.twitter.com', you check the TXT records for 'twitter.com' which tell
> >>you that subdomains/hosts without an MX record won't have mail, and since
> >>there isn't an MX record for 'bibble.twitter.com', you can reject it/treat
> >>it as spoofed.
> >Same as above. MX for bibble.twitter.com is only to receive emails.
> >Nothing prevents someone@bibble.twitter.com from sending unless you put a
> >TXT "v=spf1 -all" for it!
> >
> But it would help tremendously, without needing to add SPF records
> for each host in a domain.
> 
> This is because there would be no MX record for
> 'bibble.twitter.com', so you could assume (because of this 'new
> rule') that that sender email address is invalid, because there is
> no way of replying to it.
> 
> Yes, the MX is for receiving mail only, according to the SMTP
> standard, BUT if you work on the assumption that you have to be able
> to reply to the sender (which is a common enough assumption), then
> it ALSO has to be valid for sending mail.

I think this makes sense, but I think it would make more sense if there was
a way to just specify in the SPF record for, for example, twitter.com, that
all legit senders for all subdomains are included in the highest level SPF
record.  

I don't know, I'm not a huge fan of SPF at this point, I'm not sure it's
worth the work.  

-- 
"Forget not that the earth delights to feel your bare feet and the winds
long to play with your hair." - Kahlil Gibran
http://www.ChaosReigns.com
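
Added example, not part of the original messages: a sketch of the receiver-side check proposed in the quoted text (a parent-domain marker plus a missing MX), next to the per-host `v=spf1 -all` record raised in reply. The marker string, the zone data and the two-label parent rule are assumptions; the thread defines no record syntax.

```python
# Constructed zone data for illustration; not real DNS answers.
# MARKER is a hypothetical syntax: the thread proposes the idea of a
# parent-domain marker but defines no record format.
MARKER = "v=mxonly1 (hypothetical)"
ZONE = {
    ("twitter.com", "MX"): ["10 mx.twitter.com."],
    ("twitter.com", "TXT"): ["v=spf1 ip4:192.0.2.0/24 -all", MARKER],
    ("mail.twitter.com", "MX"): ["10 mx.twitter.com."],
    ("legacy.twitter.com", "TXT"): ["v=spf1 -all"],
    ("example.org", "MX"): ["10 mx.example.org."],
}

def lookup(zone, name, rtype):
    """Return the records of one type for a name (empty list if none)."""
    return zone.get((name.lower().rstrip("."), rtype), [])

def parent_domain(name):
    """Assumption: the parent holding the marker is the last two labels.
    A real check would need a public-suffix list (e.g. for co.uk)."""
    return ".".join(name.lower().rstrip(".").split(".")[-2:])

def spf_record(zone, name):
    """First TXT record that is an SPF version 1 record, or None."""
    for txt in lookup(zone, name, "TXT"):
        if txt.split()[:1] == ["v=spf1"]:
            return txt
    return None

def check_sender_domain(zone, domain):
    """Classify the domain of an envelope sender before any IP check."""
    spf = spf_record(zone, domain)
    if spf is not None:
        # A host-level SPF record always wins; "-all" alone means no mail.
        return "spf-no-mail" if spf.split() == ["v=spf1", "-all"] else "spf-evaluate"
    if lookup(zone, domain, "MX"):
        return "mx-ok"                     # replies are deliverable
    if MARKER in lookup(zone, parent_domain(domain), "TXT"):
        return "parent-rule-reject"        # proposed rule: no MX, no mail
    return "no-policy"                     # no SPF, no MX, no marker published

if __name__ == "__main__":
    for d in ("bibble.twitter.com", "mail.twitter.com",
              "legacy.twitter.com", "twitter.com", "host.example.org"):
        print(f"{d:22} {check_sender_domain(ZONE, d)}")
```

With the marker on the parent, `bibble.twitter.com` is rejected without a record of its own, while `legacy.twitter.com` needs its own `v=spf1 -all` to get the same result.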