[119842] in North American Network Operators' Group
Re: AT&T SMTP Admin contact?
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Wed Dec 2 22:53:43 2009
To: Chris Owen <owenc@hubris.net>
In-Reply-To: Your message of "Wed, 02 Dec 2009 12:38:54 CST."
<247D4FDA-3D4D-4A75-96EF-B3D59E63CA2F@hubris.net>
From: Valdis.Kletnieks@vt.edu
Date: Wed, 02 Dec 2009 22:52:22 -0500
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--==_Exmh_1259812342_2916P
Content-Type: text/plain; charset=us-ascii
On Wed, 02 Dec 2009 12:38:54 CST, Chris Owen said:
> On Dec 2, 2009, at 12:31 PM, Rich Kulawiec wrote:
>
> > Because SenderID and SPF have no anti-spam value, and almost no
> > anti-forgery value. Not that this stops a *lot* of people who've drunk
> > the kool-aid from trying to use them anyway,
>
> OK, I'll bite--How exactly do you go about forging email from my domain
> name if the host receiving it is checking SPF?
It only stops forgery if the SPF record has a -all in it (as hubris.net does).
However, a lot of domains (mine included) have a ~all instead.
(And before anybody asks, yes ~all is what we want, and no you can't ask us
to try -all instead, unless we're allowed to send you all the helpdesk calls
about misconfigured migratory laptops".. ;)
--==_Exmh_1259812342_2916P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFLFzX2cC3lWbTT17ARAqI6AKDQfA1pekM6HPLIeOJ+5QIdSmbZeQCeM710
sQtZODMzhlUtHtZoNDfygCY=
=q/VT
-----END PGP SIGNATURE-----
--==_Exmh_1259812342_2916P--
