scott at kitterman
Jul 10, 2011, 7:57 PM
Post #3 of 3
I agree. I'll correct the one sentence. This draft is intended to assist
Re: Fwd: [marf] I-D Action: draft-ietf-marf-spf-reporting-00.txt
[In reply to]
with SPF based FBRs for senders that are planning on setting up a FBR sending
infrastructure. I agree that most of the same data can be gotten from a stunt
DNS server and an appropriate SPF record, but the FBR based approach is more
in line with the general trend among large email providers.
Bottom line is that while you are right, people can get this data another way,
almost no one does so providing this way to do it is, I think, reasonable. I
will make it clear though that it's not the only way to do this.
On Sunday, July 10, 2011 11:01:35 AM you wrote:
> You can do most of this today by careful choice of the elements in your
> SPF record.
> My SPF record contains a logging entry that allows me to see who is
> sending mail for my domain. This, coupled with a 'stunt' DNS server
> allows me to create logs showing what is going on.
> Yes, this proposal is more versatile, but I have to question the premise:
> > There exist cases in which a domain name owner employing [SPF] for
> > announcing sending practises may want to know when messages are
> > received via unauthorized routing. Currently there is no such
> > mechanism defined.
> The last sentence isn't true -- I'm doing it today. However, I will
> admit that there are buggy implementations of SPF that don't get all the
> macro expansions correct! Adding a new mechanism is unlikely to help this.
> My record is (currently):
> p.s. Would people be interested in a web interface to look at their SPF
> drop statistics?
> On 6/28/2011 9:46 AM, Scott Kitterman wrote:
> > In the course of some other work I've been doing, I've started work on an
> > extension to both SPF and the Messaging Abuse Reporting Format. If you
> > don't care about feedback reports you can mostly ignore this, but it
> > does affect SPF in one more general way, it creates an IANA registry of
> > known modifiers.
> > This is part of the work of an established IETF working group, so I hope
> > it can serve to solidify the status of SPF within the IETF (and yes, I
> > still plan to work on a 4408bis to get it out of experimental).
> > Please review and comment (either here or on the MARF list).
> > Scott K
> > ---------- Forwarded Message ----------
> > Subject: [marf] I-D Action: draft-ietf-marf-spf-reporting-00.txt
> > Date: Tuesday, June 28, 2011, 09:35:07 AM
> > From: internet-drafts [at] ietf
> > To: i-d-announce [at] ietf
> > CC: marf [at] ietf
> > A New Internet-Draft is available from the on-line Internet-Drafts
> > directories. This draft is a work item of the Messaging Abuse Reporting
> > Format Working Group of the IETF.
> > Title : SPF Authentication Failure Reporting using the Abuse
> > Report Format
> > Author(s) : Scott Kitterman
> > Filename : draft-ietf-marf-spf-reporting-00.txt
> > Pages : 16
> > Date : 2011-06-28
> > This memo presents extensions to the Abuse Reporting Format (ARF),
> > and Sender Policy Framework (SPF) specifications to allow for
> > detailed reporting of message authentication failures in an on-demand
> > fashion.
> > A URL for this Internet-Draft is:
> > http://www.ietf.org/internet-drafts/draft-ietf-marf-spf-reporting-00.txt
> > Internet-Drafts are also available by anonymous FTP at:
> > ftp://ftp.ietf.org/internet-drafts/
> > This Internet-Draft can be retrieved at:
> > ftp://ftp.ietf.org/internet-drafts/draft-ietf-marf-spf-reporting-00.txt
Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Modify Your Subscription: http://www.listbox.com/member/ [http://www.listbox.com/member/]
RSS Feed: https://www.listbox.com/member/archive/rss/735/1311532-17d8a1ba
Modify Your Subscription: https://www.listbox.com/member/?member_id=1311532&id_secret=1311532-f2ea6ed9
Unsubscribe Now: https://www.listbox.com/unsubscribe/?member_id=1311532&id_secret=1311532-bdbb122a&post_id=20110710225714:79C7C246-AB69-11E0-99A6-FBB3F559ED1D
Powered by Listbox: http://www.listbox.com