Hi
I'm still looking for a deeper explanation. The one I found at
Microsoft [1] exactly explains SPF as I know and the wizard [2]
creates the same records as the wizard on spf.pobox.com.
[1]
http://www.microsoft.com/mscorp/safety/technologies/senderid/default.mspx
[2] http://www.anti-spamtools.org/SenderIDEmailPolicyTool/Default.aspx
Do you have more information?
This documents were very short and summarized Sender-ID very well:
"Sender ID Framework Executive Overview"
http://www.microsoft.com/downloads/details.aspx?FamilyId=F23A8DDD-F4DD-4419-B7E0-2B1D189789DB&displaylang=en
"Sender ID Framework Deployment Overview"
http://www.microsoft.com/downloads/details.aspx?familyid=8958AB23-F350-40FE-BA0A-2967B968FD8D%20&displaylang=en
The Sender ID Framework (SIDF) is the name of the product, not the
technology. SIDF uses SPF records and solves some of the problems with
forwarding mails and stuff by introducing new mail headers and a new
command in the SMTP transaction, which allows you to do all the funky
SPF detection stuff even before DATA. Read more on this here:
"Sender Policy Framework: Authorizing Use of Domains in Mail From"
http://www.microsoft.com/downloads/details.aspx?familyid=d8a174b1-697c-4aea-9c92-2e70a013c30b&displaylang=en
They have also introduced something called the PRA (Purported
Responsible Address) or PRD (Purported Responsible Domain) which
basically means "where did the mail come from?" or more technically:
does the "From" header (and a couple of other mail headers, see spec)
match the server the mail came from? And here is the part which is
incompatible with "Classic SPF". The records are the same, but while
"Classic SPF" ONLY used them to check the envelope from ("Return-Path"),
Sender ID uses the SAME records to check for "From". So the records are
identical, but the interpretation is different and that can cause major
headaches because in some cases it could work, in others not, depending
on whether the receiving server interprets them as SPF or as Sender ID.
Here's a translation of purported, btw:
deutsch: http://dict.leo.org/?search=purported
français: http://dict.leo.org/?lp=frde&search=behaupten
Coincidentially, I checked aol.com's SPF record today and I found this.
I don't have the full "bigger picture" yet, but I believe these are
Classic SPF records AND a Sender ID record - split up in two TXT records:
$ dig +short txt aol.com
"spf2.0/pra ip4:152.163.225.0/24 ip4:205.188.139.0/24
ip4:205.188.144.0/24 ip4:205.188.156.0/23 ip4:205.188.159.0/24
ip4:64.12.136.0/23 ip4:64.12.138.0/24 ptr:mx.aol.com ?all"
"v=spf1 ip4:152.163.225.0/24 ip4:205.188.139.0/24 ip4:205.188.144.0/24
ip4:205.188.156.0/23 ip4:205.188.159.0/24 ip4:64.12.136.0/23
ip4:64.12.138.0/24 ptr:mx.aol.com ?all"
Note that you don't have to pay anything to use Sender-ID. Microsoft
allows anyone to use Sender-ID for free (how generous!), in some cases
you need to obtain a licence, tough. While this is free as in beer, it
is not free as in speech and therefore it is incompatible with most open
source licences:
Q5: Who needs to execute a license with Microsoft?
A: It's important to note that the license is only relevant to those
organisations (ISP, large enterprise) who will be CHECKING e-mails
using the PRA check alternative of the Sender ID Framrwork need to
secure a license. Those simply publishing their Sender ID records
do not need this license.
Q7: Does Microsoft's patent licences require me to pay any fees or
other royalties?
A: No. There are no royalties or other fees associated with Micro-
soft's patent license. [..]
from "Sender ID Framework and Intellectual Property Overview and FAQ"
http://www.microsoft.com/downloads/details.aspx?familyid=4b1c931a-57cf-40a4-91b0-80e18cfd2be1%20&displaylang=en
You won't need to obtain any licences if you are only publishing SPF
records and want to be compatible with Hotmail. You'll only have to if
you use Sender ID technology to check Emails. And even then, it's going
to be free.
Daniel
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog