On Wednesday 04 August 2004 16.29, Daniel Lorch wrote:
> > I guess you have only one (or maybe 2 or 3) mail server which
> > your customers can use to relay mails through SMTP Auth. Now you
> > have in every domain you are hosting set up the SPF entry for the
> > IP of your mailserver. How do you protect customer A to use
> > customer B's domain for sending emails?
>
> This is a problem inherent to SPF. I agree that this form of abuse is
> possible. Also in the swinog.ch/ADSL-scenario you described all
> customers of the ADSL access provider would be able to send mails
> using our customer's domain.

Daniel points out a real, daily occurring situation...

Today, customers use several email accounts (one at yah**, one at
***win ...) and usually configure only one single SMTP in their own
MUA...
Those clients choose one SMTP that permits them to relay any from= field
within authentication.
Then, you should know every single domain used by your client to make
SPF reliable... And not only for random Swiss ones, but from a
worldwide range of well-known domains.
You could live with it and try to enumerate huge domains to accept
them... but they also happen to be the ones spammers mainly use :/

What will SPF do for us tomorrow?

-- 
Rene Luria <[EMAIL PROTECTED]> 0x0EEA9B4F
Infomaniak Network SA
_______________________________________________
swinog mailing list
[EMAIL PROTECTED]
http://lists.init7.net/cgi-bin/mailman/listinfo/swinog
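
Added example, not part of the original thread: a sketch of the situation discussed above, where SPF only ties a domain to the shared relay's IP, so any per-customer restriction has to be enforced at the authenticated relay itself. The domains, IP address, logins and ownership table are constructed assumptions, and the SPF evaluation is reduced to ip4: and all terms.

```python
import ipaddress

# Constructed sample data: two hosted customers publish the same shared relay IP.
SPF_RECORDS = {
    "customer-a.example": "v=spf1 ip4:192.0.2.25 -all",
    "customer-b.example": "v=spf1 ip4:192.0.2.25 -all",
}
# Hypothetical ownership table kept by the provider: SMTP AUTH login -> sender domains.
LOGIN_DOMAINS = {
    "alice@customer-a.example": {"customer-a.example"},
    "bob@customer-b.example": {"customer-b.example"},
}


def spf_result(client_ip, mail_from):
    """Receiver-side check, reduced to ip4: mechanisms and the final all term."""
    domain = mail_from.rsplit("@", 1)[-1].lower()
    record = SPF_RECORDS.get(domain)
    if record is None:
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        if term.startswith("ip4:") and ip in ipaddress.ip_network(term[4:], strict=False):
            return "pass"
        if term.endswith("all"):
            # A bare "all" or "+all" passes; other qualifiers map to their results.
            return {"-": "fail", "~": "softfail", "?": "neutral"}.get(term[0], "pass")
    return "neutral"


def submission_allows(login, mail_from):
    """Relay-side check: the authenticated login must own the envelope-sender domain."""
    domain = mail_from.rsplit("@", 1)[-1].lower()
    return domain in LOGIN_DOMAINS.get(login, set())


def audit(login, mail_from, relay_ip="192.0.2.25"):
    """Return (SPF result seen by the receiver, decision the relay should take)."""
    return spf_result(relay_ip, mail_from), submission_allows(login, mail_from)


if __name__ == "__main__":
    # Customer A's login sending as customer B: SPF still passes, the relay check does not.
    print(audit("alice@customer-a.example", "ceo@customer-b.example"))
    print(audit("bob@customer-b.example", "bob@customer-b.example"))
```

As the reply above notes, customers who legitimately send from several domains through one relay would each need those domains listed in the ownership table.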
