Erik de Castro Lopo <[EMAIL PROTECTED]> writes:
> Daniel Pittman wrote:
>> Erik de Castro Lopo <[EMAIL PROTECTED]> writes:
>>
>> > During testing I realised that SPF or at least this implementation I
>> > am using has a serious flaw that will result in mail that should be
>> > blocked by SPF actually getting through.
>> 
>> If you don't mind, what implementation flaw?
>
> When postfix asks the SPF policy module to validate an email, it
> does so using the info from the HELO/EHLO and MAIL FROM parts of the
> SMTP transaction and does not look at the From field of the actual
> email headers.

That is actually correct: SPF is about forgery of the SMTP MAIL FROM,
*not* about forgery in the textual headers.

...and reading the protocol description to verify I see that the
designers of SPF have *also* diverged from the SMTP RFC in their
handling of the HELO/EHLO header.

The standard only calls for a "globally unique identifier" there, not a
domain name, for all that common practice is to use the latter.  Oh, well.

> Since it's perfectly legal for the connecting MTA to say "HELO <ip
> address>" and "MAIL FROM: <>" either of these two walks right past the
> Postfix SPF implementation.

I think you think SPF is protecting something other than what it is.

SPF is designed to make sure that you have somewhere *real* to associate
the MAIL FROM part of the SMTP transaction with, and to verify that this
is correct with regard to the declared domain outbound SMTP server
information.


If you want to verify that the textual From information in the email
body is "correct" then you need some other solution.

Regards,
        Daniel
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
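
Added example, not part of the original message or of any Postfix SPF module: a Python sketch of which domain an SPF check consults for the cases raised in the thread, compared with the domain in the From: header. It assumes the SPF specification's rule that a null MAIL FROM is checked as postmaster@<HELO name>; the function names and the example.* / 192.0.2.1 values are constructed.

```python
import ipaddress
from email import message_from_string
from email.utils import parseaddr


def _domain_or_none(name):
    """Return a lowercased domain name, or None for an IP literal or empty value."""
    name = name.strip().strip("[]").lower().rstrip(".")
    if name.startswith("ipv6:"):
        name = name[5:]
    try:
        ipaddress.ip_address(name)
        return None          # address literal: no domain for SPF to look up
    except ValueError:
        return name if "." in name else None


def spf_checked_domain(helo, mail_from):
    """Domain whose SPF record is consulted for the MAIL FROM identity."""
    addr = mail_from.strip().strip("<>")
    if addr:                               # normal envelope sender
        return _domain_or_none(addr.rpartition("@")[2])
    return _domain_or_none(helo)           # null sender: postmaster@<HELO>


def audit(helo, mail_from, raw_message):
    """Compare what SPF evaluates with what the recipient sees in From:."""
    header_addr = parseaddr(message_from_string(raw_message)["From"] or "")[1]
    header_domain = _domain_or_none(header_addr.rpartition("@")[2])
    spf_domain = spf_checked_domain(helo, mail_from)
    return {"spf_domain": spf_domain,
            "header_from_domain": header_domain,
            "header_covered_by_spf": spf_domain is not None
                                     and spf_domain == header_domain}


# Constructed sample message (example.* names are placeholders).
SAMPLE = "From: Alice <alice@example.org>\nSubject: hi\n\nbody\n"

if __name__ == "__main__":
    for helo, mfrom in [("mx.example.org", "<alice@example.org>"),
                        ("mx.example.net", "<bounce@example.net>"),
                        ("mx.example.net", "<>"),
                        ("[192.0.2.1]", "<>")]:
        print(helo, mfrom, audit(helo, mfrom, SAMPLE))
```

A False in header_covered_by_spf marks a message whose visible From: domain was never the subject of the SPF lookup, which is the case the thread says needs some other check.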
