Re: [swinog] hotmail requires sender id

[Daniel Lorch]

Hi

http://www.microsoft.com/downloads/details.aspx?FamilyId=8FE5AAF3-6E5B-478C-9303-6E1E9BBEC94D&displaylang=en 


Reminds me: microsoft.com is definately not "Cool URI" compliant :)

  http://www.w3.org/Provider/Style/URI.html

Daniel
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] hotmail requires sender id

[Daniel Lorch]

Hi

The Sender ID Framework (SIDF) is the name of the product, not the 
technology. SIDF uses SPF records and solves some of the problems with 
forwarding mails and stuff by introducing new mail headers and a new 
command in the SMTP transaction, which allows you to do all the funky 
SPF detection stuff even before DATA. Read more on this here:


Whoops sorry, wrong PDF. Here we go:

  "SMTP Service Extension for Indicating the Responsible Submitter of an
  E-mail Message"

http://www.microsoft.com/downloads/details.aspx?FamilyId=8FE5AAF3-6E5B-478C-9303-6E1E9BBEC94D&displaylang=en

Daniel
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] hotmail requires sender id

[Daniel Lorch]

Hi


I'm still looking for a deeper explanation. The one I found at
Microsoft [1] exactly explains SPF as I know and the wizard [2]
creates the same records as the wizard on spf.pobox.com.

[1] 
http://www.microsoft.com/mscorp/safety/technologies/senderid/default.mspx
[2] http://www.anti-spamtools.org/SenderIDEmailPolicyTool/Default.aspx

Do you have more information?


This documents were very short and summarized Sender-ID very well:

  "Sender ID Framework Executive Overview"

http://www.microsoft.com/downloads/details.aspx?FamilyId=F23A8DDD-F4DD-4419-B7E0-2B1D189789DB&displaylang=en

  "Sender ID Framework Deployment Overview"

http://www.microsoft.com/downloads/details.aspx?familyid=8958AB23-F350-40FE-BA0A-2967B968FD8D%20&displaylang=en

The Sender ID Framework (SIDF) is the name of the product, not the 
technology. SIDF uses SPF records and solves some of the problems with 
forwarding mails and stuff by introducing new mail headers and a new 
command in the SMTP transaction, which allows you to do all the funky 
SPF detection stuff even before DATA. Read more on this here:


  "Sender Policy Framework: Authorizing Use of Domains in Mail From"

http://www.microsoft.com/downloads/details.aspx?familyid=d8a174b1-697c-4aea-9c92-2e70a013c30b&displaylang=en

They have also introduced something called the PRA (Purported 
Responsible Address) or PRD (Purported Responsible Domain) which 
basically means "where did the mail come from?" or more technically: 
does the "From" header (and a couple of other mail headers, see spec) 
match the server the mail came from? And here is the part which is 
incompatible with "Classic SPF". The records are the same, but while 
"Classic SPF" ONLY used them to check the envelope from ("Return-Path"), 
Sender ID uses the SAME records to check for "From". So the records are 
identical, but the interpretation is different and that can cause major 
headaches because in some cases it could work, in others not, depending 
on whether the receiving server interprets them as SPF or as Sender ID.


Here's a translation of purported, btw:

  deutsch:  http://dict.leo.org/?search=purported
  français: http://dict.leo.org/?lp=frde&search=behaupten

Coincidentially, I checked aol.com's SPF record today and I found this. 
I don't have the full "bigger picture" yet, but I believe these are 
Classic SPF records AND a Sender ID record - split up in two TXT records:


  $ dig +short txt aol.com

  "spf2.0/pra ip4:152.163.225.0/24 ip4:205.188.139.0/24
  ip4:205.188.144.0/24 ip4:205.188.156.0/23 ip4:205.188.159.0/24
  ip4:64.12.136.0/23 ip4:64.12.138.0/24 ptr:mx.aol.com ?all"

  "v=spf1 ip4:152.163.225.0/24 ip4:205.188.139.0/24 ip4:205.188.144.0/24
  ip4:205.188.156.0/23 ip4:205.188.159.0/24 ip4:64.12.136.0/23
  ip4:64.12.138.0/24 ptr:mx.aol.com ?all"

Note that you don't have to pay anything to use Sender-ID. Microsoft 
allows anyone to use Sender-ID for free (how generous!), in some cases 
you need to obtain a licence, tough. While this is free as in beer, it 
is not free as in speech and therefore it is incompatible with most open 
source licences:


  Q5: Who needs to execute a license with Microsoft?
  A: It's important to note that the license is only relevant to those
  organisations (ISP, large enterprise) who will be CHECKING e-mails
  using the PRA check alternative of the Sender ID Framrwork need to
  secure a license. Those simply publishing their Sender ID records
  do not need this license.

  Q7: Does Microsoft's patent licences require me to pay any fees or
  other royalties?
  A: No. There are no royalties or other fees associated with Micro-
  soft's patent license. [..]

  from "Sender ID Framework and Intellectual Property Overview and FAQ"

http://www.microsoft.com/downloads/details.aspx?familyid=4b1c931a-57cf-40a4-91b0-80e18cfd2be1%20&displaylang=en

You won't need to obtain any licences if you are only publishing SPF 
records and want to be compatible with Hotmail. You'll only have to if 
you use Sender ID technology to check Emails. And even then, it's going 
to be free.


Daniel
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] hotmail requires sender id

[Jean-Pierre Schwickerath]

> There is a 'small' problem with this. AOL uses SPFv1, while Microsoft
> is pushing "SPFv2", which is not really SPFv2, but their own version
> of the thing which clashes with the real SPFv1 (openspf.org one) also
> called classic and that is the one people have been deploying the last
> 2 years, not the one with the PRA checks.
> 
> The problem here is that Mickeysofts version of SPF breaks all SPFv1
> installations
> 
> The IESG has apparently given both drafts (SPFv1 + Sender-ID/SPFv2)
> the chance to go to experimental RFC.

OK, maybe I talked to fast, or wrote without thinking too much. 
I completely oversaw the license issue and the fact that their sender ID
stuff is breaking the currently used SPFv1. 

I'll have to look deeper into the issue. Meanwhile I signed the openspf
position. 


Regards, 

Jean-Pierre

-- 
HILOTEC Engineering + Consulting GmbH
Energietechnik und Datensysteme
Tel: +41 34 402 74 00 - http://www.hilotec.com/
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] hotmail requires sender id

[Beat Rubischon]

Hello!

Am 26.06.05 schrieb Jeroen Massar:

> http://www.mail-spf.org/
> Which has quite some up-to-date info.

There is a lot of political and rare technical discussions on the
net. I found a nice discussion while Googeling:
http://www.gossamer-threads.com/lists/spf/deployment/13622

I was not able to find a usable howto for understanding Sender-Id
or creating a working environement. Usually, I don't need more
then half a day to understand a new technology - but Sender-Id
takes more time ;-)

As long as no one has written a "cookbook" for implementing
Sender-Id, only Hotmail users will be able to create Hotmail
compliant mails. So: Who cares?

Beat

-- 
 \|/  Beat Rubischon <[EMAIL PROTECTED]>
   ( 0^0 )http://www.0x1b.ch/~beat/
oOO--(_)--OOo--
# wigwam.lugs.ch, Linux 2.4.31-pre2, up 43 days, 21:17, load: 2.68
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] *SPECIAL* SwiNOG-BE27 - Beer Event 27 - 11th of July @ Oerlikerpark

[Martin Ebnoether]

Steven Glogger schrieb:

Hoi!


i heard that some guys wants to sponsor some beer ;-) roger will bring a
tent...

ideas for sponsoring:
- more beer


I can bring some Turbine or Bier Paul.


- some hot sauces (venty?)


Of course! I'd never go to a BBQ without them. =:-)


- desserts


I'll bake a chocolate-rum-cake, if you like.


- salads
- etc..


I'll bring my (rumored to be non-working) web.de boomerang.

CU, Venty
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog