[81798] in North American Network Operators' Group
Re: ISP phishing
daemon@ATHENA.MIT.EDU (Niels Bakker)
Thu Jun 30 04:27:57 2005
Date: Thu, 30 Jun 2005 10:27:29 +0200
From: Niels Bakker <niels=nanog@bakker.net>
To: nanog@nanog.org
Mail-Followup-To: nanog@nanog.org
In-Reply-To: <Pine.LNX.4.60.0506291416150.15056@hermes-1.csi.cam.ac.uk>
Errors-To: owner-nanog@merit.edu
* dot@dotat.at (Tony Finch) [Wed 29 Jun 2005, 15:28 CEST]:
>On Wed, 29 Jun 2005, Peter Corlett wrote:
>>Tony Finch <dot@dotat.at> wrote:
>>[...]
>>>Actually, what you have to guarantee is that you never send email to
>>>anyone who forwards their email elsewhere. This is impossible.
>>How do you figure that?
>>
>>The failure mode in this case is if somebody arranges "dumb" mail
>>forwarding that doesn't do envelope rewriting, and also applies an SPF
>>filter on their incoming mail. The problem is quite clearly of the
>>recipient's making rather than any fault of the sender's.
>Most forwarding services do nothing but change the envelope recipient
>address, and this has been standard practice for many many years. Sites
>that do SPF checking on incoming email must take this into account if
>their users forward email from elsewhere. However, most sites do not do so,
>partly because the SPF documentation doesn't make it clear that they must,
>and partly because it's basically impossible - for every user that
>forwards email to your site you must whitelist the IP addresses of the
>forwarding mail servers, and you can't find out what those IP addresses
>are or when they change.
How do I configure my router for that?
-- Niels.
--
The idle mind is the devil's playground
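
The forwarding failure discussed in the quoted text, as an added example that is not part of the original thread: a simplified SPF evaluator (only `ip4` and `all` mechanisms, records held in a dict rather than DNS) applied at the final hop. The domains, documentation-range addresses and the `receive` policy function are constructed for illustration.

```python
import ipaddress

# Constructed SPF TXT records (documentation address ranges, not real domains).
SPF_RECORDS = {
    "sender.example": "v=spf1 ip4:192.0.2.0/24 -all",
    "forwarder.example": "v=spf1 ip4:198.51.100.0/24 -all",
}

def spf_check(client_ip, mail_from, records=SPF_RECORDS):
    """Evaluate a simplified SPF record (ip4 mechanisms and 'all' only)."""
    domain = mail_from.rsplit("@", 1)[-1].lower()
    record = records.get(domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"
    ip = ipaddress.ip_address(client_ip)
    results = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
    for term in record.split()[1:]:
        qualifier = term[0] if term[0] in results else "+"
        mech = term.lstrip("+-~?")
        if mech == "all":
            matched = True
        elif mech.startswith("ip4:"):
            matched = ip in ipaddress.ip_network(mech[4:], strict=False)
        else:
            continue  # other mechanisms are outside this sketch
        if matched:
            return results[qualifier]
    return "neutral"

def receive(client_ip, mail_from, rcpt, forwarder_allowlist=None):
    """Final-hop policy: accept when the connecting IP is a forwarder this
    recipient has registered (the per-user whitelist), else apply SPF."""
    ip = ipaddress.ip_address(client_ip)
    nets = (forwarder_allowlist or {}).get(rcpt, [])
    if any(ip in ipaddress.ip_network(n) for n in nets):
        return "accept (known forwarder)"
    result = spf_check(client_ip, mail_from)
    return "reject (spf fail)" if result == "fail" else f"accept (spf {result})"

if __name__ == "__main__":
    rcpt = "bob@final.example"
    # Direct delivery from the sender's own server.
    print(receive("192.0.2.10", "alice@sender.example", rcpt))
    # Forwarder changed only the envelope recipient; sender is unchanged.
    print(receive("198.51.100.25", "alice@sender.example", rcpt))
    # Same hop, with the forwarder's range whitelisted for this user.
    print(receive("198.51.100.25", "alice@sender.example", rcpt,
                  {rcpt: ["198.51.100.0/24"]}))
    # Forwarder rewrote the envelope sender to its own domain.
    print(receive("198.51.100.25", "bounce@forwarder.example", rcpt))
```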