[194270] in North American Network Operators' Group
Re: Microsoft O365 labels nanog potential fraud?
daemon@ATHENA.MIT.EDU (William Herrin)
Wed Mar 29 15:52:46 2017
X-Original-To: nanog@nanog.org
X-Really-To: <nanog@nanog.org>
In-Reply-To: <15539534.4rWtqb57Ip@skynet.simkin.ca>
From: William Herrin <bill@herrin.us>
Date: Wed, 29 Mar 2017 15:52:15 -0400
To: Alan Hodgson <ahodgson@lists.simkin.ca>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Wed, Mar 29, 2017 at 12:24 PM, Alan Hodgson <ahodgson@lists.simkin.ca>
wrote:
> On Wednesday 29 March 2017 11:12:33 William Herrin wrote:
> > Both SPF and DKIM are meant to be checked against the domain in the
> > envelope sender (SMTP protocol-level return address) which the NANOG list
> > sets to nanog-bounces@nanog.org. Checking against the message header
> "from"
> > address is an incorrect implementation which will break essentially all
> > mailing lists.
> >
>
> This is incomplete.
>
> TL;DR: SPF checks the envelope sender. DKIM doesn't check anything except
> to
> test that parts of the message haven't been altered. DMARC adds policy to
> both
> to check them against the header From:. Mailing list software may not work
> with DMARC-reject senders (but Nanog does).
>
Hi Alan,
I accept your explanation as the correct one.
Regards,
Bill Herrin
--
William Herrin ................ herrin@dirtside.com bill@herrin.us
Dirtside Systems ......... Web: <http://www.dirtside.com/>
