On Jan 25, 2012 at 17:17 -0500, Scott Kitterman wrote: =>On Wednesday, January 25, 2012 05:12:56 PM Derek Diget wrote: =>> On Jan 24, 2012 at 10:36 -0500, Scott Kitterman wrote: =>> =>* Updated the r= definition to only use localparts and append the SPF =>> domain. =>> =>> How will this work for sites that publish "null" SPF records =>> (<http://www.openspf.net/FAQ/Common_mistakes#all-domains>)? =>> =>> By publishing a "null" SPF record the domain part is not suppose to be =>> used for email. But if the site wanted to get reports for attempts to =>> use that domain, how would they? Sending to =>> <localpart-addr>@<non-mail-domain> won't work. => =>You are confusing sending and receiving. Nothing says such domains don't =>receive mail.
Ok, I might have misspoken when I wrote "the domain part is not suppose to be used for email." The FAQ says "Publishing "v=spf1 -all" says that a domain sends no mail." Ok, got the "sending" part. So, no legitimate mail is sent using that domain. How does the domain owner receive reports of others trying to use the domain to send mail? If the domain owner has said via the SPF record that the domain doesn't send mail, I would be highly surprised if the domain owner has configured anything to accept mail at that domain. They are publishing the SPF record so that if somebody else wanted to send mail using that domain, it would receive a SPF fail versus getting the SPF none result if they didn't have the record. Again if a domain owner publishes a SPF record of www.example.com "v=spf1 -all -r=postmaster" How do they get reports of sending (forgery) attempts using MAIL FROM:<[email protected]> sent to them? Do they have to put a MX record on www.example.com and configure their mail server to accept mail for that domain? (I sure hope not.) -- *********************************************************************** Derek Diget Office of Information Technology Western Michigan University - Kalamazoo Michigan USA - www.wmich.edu/ *********************************************************************** _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
