On Friday, February 10, 2012 04:33:57 PM Alessandro Vesely wrote: ... > >> That the domain part of abuse-mailboxes should not be > >> SPF-protected would be a new, somewhat obscure requirement, that > >> is not going to improve SPF adoption. > > > > > > > > I don't agree. I don't see such a requirement. > > If some leased addresses can get (soft)fail for ISP.example, the ISP > needs to scan outgoing SMTP transactions --if they are not cyphered-- > in order to avoid non-reportable cases. Otherwise a bot-master could > MAIL FROM:<[email protected]> from those addresses and get > away with it. > > (And that assuming that ISPs don't publish abuse-mailboxes for the > sole purpose of keeping admin and technical contacts clear of spam > complaints.) ...
I think you are mixing things together that are separate. I do think it's up to a network owner (such as an ISP) to police their IP space. If they don't want mail using their domain name to be sent out of their network except through their official MTAs, they can prevent that easily enough. The problem though is it's difficult to reliable separate this case from generic SPF non-pass conditions, so I don't think we should create a space for an unreliable solution to a problem that network operators can solve on their own if they care to. None of this has any impact on the SPF status of the postmaster inbox. The message we are discussing here that didn't pass SPF was the original one believed to be abusive. That's got no bearing on the SPF status of any report to postmaster@. That's completely separate. I can see having an discussion about should postmaster addresses filter/reject based on SPF, but I don't think anything we are doing in the MARF group has any impact on the answer to that question. Scott K _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
