[OT] Re: configuration error in lists.isc.org
Matus UHLAR - fantomas
uhlar at fantomas.sk
Fri Aug 7 18:54:18 UTC 2015
>Am 07.08.2015 um 08:29 schrieb Matus UHLAR - fantomas:
>> SPF must only check envelope address, not header From: address - it
>> was never designed to do the latter.
On 07.08.15 17:23, Heiko Richter wrote:
>Correction:
>- ------------
>All implementations of SPF always check 2 addresses:
> - Envelope-From address
> - From address
the latter is simply not true. I repeat: SPF was designed only to match mail
from address and NOT rf*22 header From: address.
_No_ SPF implementations match header addresses.
Implementations of Microsoft broken SenderID proposal match From: addresses,
and the worst even compare it to v=spf1 record, which is fundamentally
broken.
>> Note that it's the SenderID specification that is horribly broken
>> (btw, just because of mailing lists) and further any protocol that
>> uses it (does DMARC?)
>>
>> Blaming the ISC mailserver for not changing header address is
>> blaming it for doing something (all?) list servers did years before
>> microsoft came with the braindead SenderID specification that broke
>> this behaviour.
>You seem to mix up SenderID and SPF. SPF is the thing that is broken
>as it always checks Envelope- and Header-From. Sender-ID is a way (the
>only way) to tell SPF it should just check one of them.
No, you are mixing those two. SPF is the original protocol that was made to
match envelope from addresses, and the SenderID is the braindead Microsoft
invention that tries to match it against headers.
>After publishing the SenderID record the DMARC bounces stopped as the
>servers just check the Envelope-From now. Before SenderID the only way
>had been to live with the DMARC bounces or the make the list servers
>change the Header-From. But with SenderID there's a working alternative.
If this is true, then the DMARC is broken...
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
It's now safe to throw off your computer.
More information about the bind-users
mailing list