jgreen at wikimedia
Sep 28, 2012, 1:15 PM
Post #12 of 12
On Fri, 28 Sep 2012, Daniel Friesen wrote:
Re: SPF (email spoof prevention feature) test-rollout Weds 10/5
[In reply to]
> On Fri, 28 Sep 2012 12:47:20 -0700, Jeff Green <jgreen [at] wikimedia> wrote:
>> On Fri, 28 Sep 2012, Daniel Friesen wrote:
>>> On Fri, 28 Sep 2012 12:19:21 -0700, Brad Jorsch
>>> <b-jorsch [at] alum> wrote:
>>>> On Fri, Sep 28, 2012 at 11:00:08AM -0700, Jeff Green wrote:
>>>>> The change should not be noticeable, but the most likely problem
>>>>> would be legitimate @wikimedia.org mail being treated as spam. If
>>>>> you hear of this happening please let me know.
>>>> Anyone who sends all mail marked as "from" their @wikimedia.org
>>>> address through Gmail's SMTP server, through an SMTP server hosted by
>>>> Wikimedia (is there one?), or through any other server identified in the
>>>> SPF record should be fine. And anyone who isn't sending "from" an
>>>> @wikimedia.org address should be entirely unaffected.
>>>> If anyone is sending mail marked as "from" their @wikimedia.org address
>>>> through some other SMTP server (e.g. through their home ISP), they might
>>>> start to see trouble with this change and likely will when the SPF
>>>> record is changed to ~all.
>>>> Also, any recipient who has their mail forwarded might have trouble
>>>> *receiving* messages from @wikimedia.org addresses, unless their
>>>> forwarding service takes SPF into account or their destination mailbox
>>>> doesn't check SPF. OTOH, these people would have the same problem with
>>>> receiving mail from all the other domains that currently implement SPF.
>>>> : There are actually two concepts of "from" involved in email. The
>>>> first, the "envelope sender" or "mail from", is the address that
>>>> bounce notifications should be sent to. The second is the address
>>>> that actually shows up as "From:" in the email message. SPF is
>>>> intended to target only the former, but SenderID hijacks the SPF
>>>> specification to also test the latter.
>>> And to make things all fun and confusing. We shouldn't forget about the
>>> Sender: header...
>>> **mumbles about AWS-SES not supporting Sender:**
>> Yes and SenderID is where we're running into deliverability issues for
>> fundraiser mailings since we lack SPF, that's part of what prompted this
>> whole initiative. Well, that and an ancient RT request from Office IT!
> T_T Not my complaint about From: @wikimedia.org spam on wikitech-l?
That too! ;-)
>>> -- ~Daniel Friesen (Dantman, Nadir-Seen-Fire)
>>> Wikitech-l mailing list
>>> Wikitech-l [at] lists
> ~Daniel Friesen (Dantman, Nadir-Seen-Fire) [http://daniel.friesen.name]
> Wikitech-l mailing list
> Wikitech-l [at] lists
Wikitech-l mailing list
Wikitech-l [at] lists