nanog mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Microsoft O365 labels nanog potential fraud?

From: "Keith Medcalf" <kmedcalf () dessus com>
Date: Wed, 29 Mar 2017 15:05:59 -0600

The purpose of SPF is to REJECT messages before the data phase.  This cannot be done if you are checking the RFC-822 
From: header since that requires accepting the message and invalidates the entire purpose of SPF.

I have never seen an SPF implementation that uses the RFC-822 header From.  Doing so would be pointless.


-----Original Message-----
From: NANOG [mailto:nanog-bounces () nanog org] On Behalf Of Grant Taylor via
NANOG
Sent: Wednesday, 29 March, 2017 09:26
To: nanog () nanog org
Subject: Re: Microsoft O365 labels nanog potential fraud?

On 03/29/2017 09:12 AM, William Herrin wrote:

Both SPF and DKIM are meant to be checked against the domain in the
envelope sender (SMTP protocol-level return address) which the NANOG

list

sets to nanog-bounces () nanog org. Checking against the message header

"from"

address is an incorrect implementation which will break essentially all
mailing lists.


That may be what the original intent was.

Every SPF implementation I've seen has checked the SMTP envelope FROM
address /and/ the RFC 822 From: header address.

Granted, that does not mean that it's the correct behavior.



--
Grant. . . .
unix || die
Previous By Date Next
Previous By Thread Next

Current thread: