 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Java Forum / General / July 2007SPF checker
Is there a utility or class/package that can verify that the SPF entry in a master DNS domain definition is correct?  Signaturemartin@ | Martin Gregorie gregorie. | Essex, UK org | >Is there a utility or class/package that can verify that the SPF entry >in a master DNS domain definition is correct? The people on the SPF lists were working on a validation suite for SPF implementations, but I don't remember a downloadable one for checking records. Not read them for a while though and maybe that situation has changed. Does Bruce Kitterman's online SPF record validator at http://www.kitterman.com/spf/validate.html help you at all ? Nick Signaturehttp://www.leverton.org/blosxom ... So express yourself >> Is there a utility or class/package that can verify that the SPF entry >> in a master DNS domain definition is correct? [quoted text clipped - 6 lines] > Does Bruce Kitterman's online SPF record validator at > http://www.kitterman.com/spf/validate.html help you at all ? Many thanks. I was expecting a command line or graphical utility but that validator does exactly what I wanted. It rooted out an erroneous ip4: term that had been suggested by the wizard at openspf.org Signaturemartin@ | Martin Gregorie gregorie. | Essex, UK org | On Mon, 16 Jul 2007 10:17:24 +0100, Martin Gregorie <martin@see.sig.for.address> wrote, quoted or indirectly quoted someone who said : >Is there a utility or class/package that can verify that the SPF entry >in a master DNS domain definition is correct? If, like me, you are curious what SPF is, see http://www.openspf.org/FAQ/What_is_SPF It is for detecting forged emails, which are nearly always spam. SignatureRoedy Green Canadian Mind Products The Java Glossary http://mindprod.com > On Mon, 16 Jul 2007 10:17:24 +0100, Martin Gregorie > <martin@see.sig.for.address> wrote, quoted or indirectly quoted [quoted text clipped - 7 lines] > > It is for detecting forged emails, which are nearly always spam. There's been a lot of talk about SPF on comp.risks over the years. I haven't followed the discussions very closely not having much interest in it but there have been a number of people not particularly happy with it. One such example: http://catless.ncl.ac.uk/Risks/23.18.html#subj11.1 SignatureGeoff >> On Mon, 16 Jul 2007 10:17:24 +0100, Martin Gregorie >> <martin@see.sig.for.address> wrote, quoted or indirectly quoted [quoted text clipped - 12 lines] > such example: > http://catless.ncl.ac.uk/Risks/23.18.html#subj11.1 My interest in SPF is entirely that it can detect spam that uses my domain as the (forged) sender. Without SPF there's no way that a forged sender can be detected and I can do without the backscatter. As its use spreads its my hope that MTAs will start discarding mail sent to invalid mailboxes with a forged sender address. Its all they can and should do: bouncing it just annoys some bystander. Signaturemartin@ | Martin Gregorie gregorie. | Essex, UK org | : > On Mon, 16 Jul 2007 10:17:24 +0100, Martin Gregorie : > <martin@see.sig.for.address> wrote, quoted or indirectly quoted [quoted text clipped - 7 lines] : > : > It is for detecting forged emails, which are nearly always spam. To be precise, it detects 1) does a domain restrict the networks a user can send mail from while still claiming to be sending mail from that domain? 2) is a user with a mail address in that domain following that policy? SPF by itself does not stop or identify any spam, and it doesn't really detect forged email - partly because many sites do not supply SPF information, and partly because an email is not necessarily forged simply because it comes from a network unrelated to the domain of the mail address. What it does do is help a domain to enforce its mail policies by restricting the networks from which its users can send mail. The disadvantage to the user is that they must use the correct network to send mail using that address. The advantage to the user is that if their domain has a good reputation then their mail may not be blocked. The advantage to the receiver is that they can reliably choose to trust, OR NOT TRUST, certain domains. Spammers often use SPF. The key missing ingredient is many anti-spam discussions is the recognition that all SPF does is allow you to trust that spammer domains are sending spam - you still have to list the site as a spam haven - the SPF itself doesn't tell you anything about it being spam or not. : There's been a lot of talk about SPF on comp.risks over the years. I : haven't followed the discussions very closely not having much interest in it : but there have been a number of people not particularly happy with it. One : such example: : http://catless.ncl.ac.uk/Risks/23.18.html#subj11.1 They discuss "forwarding" of email. Arbitrary forwarding is not ultimately any different that relaying. Open relays used to be a useful and cooperative way to pass mail around. That was long ago, and open relays are now a problem. The policy of forwarding mail is now ultimately flawed for the same non-technical reasons that open relays are flawed. They discuss other things too, but I shouldn't spend more time on this. Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2009 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.