From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <6616fcacdcb85189b46c900dfdd6d81e@plan9.bell-labs.com> From: David Presotto To: 9fans@cse.psu.edu Subject: Re: SMTP+SPF (was: [9fans] Re: new release?) In-Reply-To: <0e729f108c862316f4357a2874bd90b1@plan9.bell-labs.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="upas-gagsczsuunydbgfdkpeikmpnix" Date: Wed, 25 Feb 2004 21:12:58 -0500 Topicbox-Message-UUID: f7494b6c-eacc-11e9-9e20-41e7f4b1d025 This is a multi-part message in MIME format. --upas-gagsczsuunydbgfdkpeikmpnix Content-Disposition: inline Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit I should be more complete. SPF isn't a panacea. There are a lot of options but the basic function of SPF is to stick into DNS the IP addresses of the mail servers that can send mail from a particular domain. If you see mail from my home machine that says its from aol.com, you dump it into the bit bucket. ALL of the spam that makes it through my filter has faked From: addresses since I use a white list. Most of my spam that gets rejected also has faked From: addresses. It thus forces you to always go through a server that is authorized to send mail from your domain. Therefore, when you're off visiting somewhere, you still have to use your own domain's smtp server. That might not be possible if you're behind a firewall. For example, at Lucent one cannot make smtp connections out of the company. One must use internal servers. Therefore, russ couldn't send messages from here as rsc@swtch.com or I as presotto@closedmind.org since we'ld have to do through lucent servers. It does have the advantage that the current viruses would have a hard time. They normally look into your Outlook address file and send mail from your machine as a myriad of different people that you have contacted. If most domains used SPF then the best they could do would be to send mail through their dedicated servers as themselves (or at worst someone in their home domain). This really reduces the distributed spreading power of viruses that use email. The dedicated servers usually find out about viruses early and filter hard. In essence, a virus would stop spreading as soon as aol, comcase, yahoo, etc figured out it existed. Of course, that will just select for sneakier viruses, but the sneakier, in general, the more complex and hence the more fragile. --upas-gagsczsuunydbgfdkpeikmpnix Content-Type: message/rfc822 Content-Disposition: inline Received: from plan9.cs.bell-labs.com ([135.104.9.2]) by plan9; Wed Feb 25 20:26:35 EST 2004 Received: from mail.cse.psu.edu ([130.203.4.6]) by plan9; Wed Feb 25 20:26:31 EST 2004 Received: by mail.cse.psu.edu (CSE Mail Server, from userid 60001) id 753F719C4A; Wed, 25 Feb 2004 20:26:22 -0500 (EST) Received: from psuvax1.cse.psu.edu (psuvax1.cse.psu.edu [130.203.4.6]) by mail.cse.psu.edu (CSE Mail Server) with ESMTP id ADEEA19B74; Wed, 25 Feb 2004 20:26:17 -0500 (EST) X-Original-To: 9fans@cse.psu.edu Delivered-To: 9fans@cse.psu.edu Received: by mail.cse.psu.edu (CSE Mail Server, from userid 60001) id A218519B8B; Wed, 25 Feb 2004 20:25:17 -0500 (EST) Received: from plan9.cs.bell-labs.com (mmsrelay.us [204.178.31.2]) by mail.cse.psu.edu (CSE Mail Server) with ESMTP id 5B79719B24 for <9fans@cse.psu.edu>; Wed, 25 Feb 2004 20:25:16 -0500 (EST) Message-ID: <0e729f108c862316f4357a2874bd90b1@plan9.bell-labs.com> From: David Presotto To: 9fans@cse.psu.edu Subject: Re: SMTP+SPF (was: [9fans] Re: new release?) In-Reply-To: <3281.199.98.20.107.1077754455.squirrel@wish.cooper.edu> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="upas-ugoveazdqgnzrpopockejnxwfc" Sender: 9fans-admin@cse.psu.edu Errors-To: 9fans-admin@cse.psu.edu X-BeenThere: 9fans@cse.psu.edu X-Mailman-Version: 2.0.11 Precedence: bulk Reply-To: 9fans@cse.psu.edu List-Id: Fans of the OS Plan 9 from Bell Labs <9fans.cse.psu.edu> List-Archive: Date: Wed, 25 Feb 2004 20:25:15 -0500 X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on psuvax1.cse.psu.edu X-Spam-Status: No, hits=0.0 required=5.0 tests=none autolearn=no version=2.63 X-Spam-Level: This is a multi-part message in MIME format. --upas-ugoveazdqgnzrpopockejnxwfc Content-Disposition: inline Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit I'm currently building support for it into Plan 9. I think its a good idea. It doesn't prevent spam but it makes white lists better. --upas-ugoveazdqgnzrpopockejnxwfc Content-Type: message/rfc822 Content-Disposition: inline Received: from plan9.cs.bell-labs.com ([135.104.9.2]) by plan9; Wed Feb 25 19:23:27 EST 2004 Received: from mail.cse.psu.edu ([130.203.4.6]) by plan9; Wed Feb 25 19:23:24 EST 2004 Received: by mail.cse.psu.edu (CSE Mail Server, from userid 60001) id 0874F19BFE; Wed, 25 Feb 2004 19:23:22 -0500 (EST) Received: from psuvax1.cse.psu.edu (psuvax1.cse.psu.edu [130.203.4.6]) by mail.cse.psu.edu (CSE Mail Server) with ESMTP id D707019B19; Wed, 25 Feb 2004 19:23:17 -0500 (EST) X-Original-To: 9fans@cse.psu.edu Delivered-To: 9fans@cse.psu.edu Received: by mail.cse.psu.edu (CSE Mail Server, from userid 60001) id 41BA319BD9; Wed, 25 Feb 2004 19:22:56 -0500 (EST) Received: from wish.cooper.edu (wish.cooper.edu [199.98.16.74]) by mail.cse.psu.edu (CSE Mail Server) with ESMTP id BE62119BA7 for <9fans@cse.psu.edu>; Wed, 25 Feb 2004 19:22:51 -0500 (EST) Received: by wish.cooper.edu (Postfix, from userid 94) id 429FF3938; Wed, 25 Feb 2004 19:14:16 -0500 (EST) Received: from wish.cooper.edu (localhost.localdomain [127.0.0.1]) by wish.cooper.edu (Postfix) with SMTP id C23EE3937 for <9fans@cse.psu.edu>; Wed, 25 Feb 2004 19:14:15 -0500 (EST) Received: from pnp107.ee.cooper.edu ([199.98.20.107]) (SquirrelMail authenticated user salomo3) by wish.cooper.edu with HTTP; Wed, 25 Feb 2004 19:14:15 -0500 (EST) Message-ID: <3281.199.98.20.107.1077754455.squirrel@wish.cooper.edu> In-Reply-To: <5650c97bcaa9d357e77eb3396c1eb368@collyer.net> References: <5650c97bcaa9d357e77eb3396c1eb368@collyer.net> Subject: SMTP+SPF (was: [9fans] Re: new release?) From: "Joel Salomon" To: 9fans@cse.psu.edu User-Agent: SquirrelMail/1.4.0 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 X-Priority: 3 Importance: Normal Sender: 9fans-admin@cse.psu.edu Errors-To: 9fans-admin@cse.psu.edu X-BeenThere: 9fans@cse.psu.edu X-Mailman-Version: 2.0.11 Precedence: bulk Reply-To: 9fans@cse.psu.edu List-Id: Fans of the OS Plan 9 from Bell Labs <9fans.cse.psu.edu> List-Archive: Date: Wed, 25 Feb 2004 19:14:15 -0500 (EST) X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on psuvax1.cse.psu.edu X-Spam-Status: No, hits=0.8 required=5.0 tests=PRIORITY_NO_NAME autolearn=no version=2.63 X-Spam-Level: Geoff Collyer said: > I've been contributing anti-spam machinery for smtpd, and have some > other code and ideas stalled by lack of time and not-quite-complete > IPv6 support in Plan 9. So far none of the strongly-hyped anti-spam > ideas keep the spam from reaching one's machine in the first place, > and I know how to do that, it's just going to take some time to do it. > Does anyone here have an opinion (yes ;-) ) on SMTP+SPF? http://spf.pobox.com/ It *claims* to be a sufficient patch on SMTP to ensure that the sender of an email is a real person from a responsible ISP. --Joel --upas-ugoveazdqgnzrpopockejnxwfc-- --upas-gagsczsuunydbgfdkpeikmpnix--