[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Strange Emails -- What are they?

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Strange Emails -- What are they?
From: Michael Holstein <michael.holstein@xxxxxxxxxxx>
Date: Wed, 07 Jun 2006 15:27:00 -0400

What would really help is SPF, if you can manage it. That way you canreject mail that claims to come from your domain but does not come fromyour mail servers. But this is all a bit OT, not really full disclosure.

Well, sort of. Too many domains do something like '~' or '?' instead of'-' like they should.


(dig -t txt $domain) :

AOL : ?all
Hotmail/MSN : ~all
Google : ~all

http://en.wikipedia.org/wiki/Sender_Policy_Framework

AOL's is perticularly ironic, considering they hard-hand other folksinto publishing a SPF record to deliver to them, but publish a ?all (nopolicy) record themselves.

What you can do quite effectively though, is to consider SPF (topenalize) as one of several factors in something like SpamAssassin.


~Mike.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- RE: [Full-disclosure] Strange Emails -- What are they?
  - From: Geo.
- Re: [Full-disclosure] Strange Emails -- What are they?
  - From: Simon Smith
- Re: [Full-disclosure] Strange Emails -- What are they?
  - From: Ademar Gonzalez
- Re: [Full-disclosure] Strange Emails -- What are they?
  - From: Pam Patterson

Prev by Date: Re: [Full-disclosure] Strange Emails -- What are they?
Next by Date: [Full-disclosure] [ MDKSA-2006:097 ] - Updated MySQL packages fixes SQL injection vulnerability.
Previous by thread: Re: [Full-disclosure] Strange Emails -- What are they?
Next by thread: RE: [Full-disclosure] Strange Emails -- What are they?
Index(es):
- Date
- Thread