Re: [suse-security] Email Spoofing
On Jul 21, Dirk Schreiner <dirk.schreiner@xxxxxxx> wrote:
> Markus Gaugusch wrote:
>> Yes, it breaks forwarding. But facing the amount of spam, the number of
>> mails that bounce because of incorrect (old-style) forwarding should be
> Could you please post the RFC with the "new-style".

SPF suggests remailing instead of forwarding. I'm pretty sure that this
does not bother any RFC. The old method may not be incorrect, but it is
just incompatible with SPF. Sorry for the wrong wording.

Your suggestion with signatures is also nice, but I think that 1 million
administrators are easier to convince to perform infrastructure upgrades
than billions of (mostly stupid) users. I don't think that SPF is so bad,
and I haven't heard of any other problems than forwarding. Digital
signatures, though, are something that probably not even everyone on
suse-security has tried. And I don't want to see the next MS Outlook
version with integrated signatures that will break like everything else
they make. Infrastructure security should be done by administrators, not
by end users. Although there are still too many stupid admins out there :(

And yes, I know that the forwarding problem doesn't hit me, but the
innocent receiver who forwards mail from my account to his SPF-protected
domain via a non-SPF aware host in the middle. But if that case happens, I
could either send mails to him directly, or try to convince the "middle"
host owner to do something against the sky-raising amounts of spam and do
remailing instead of forwarding.

> BTW: if anybody is not amused about that long signature.
> I cannot go around this because company GW is doing that.
> And using my host's SMTP-Server is not possible due to
> people checking Reverse-Lookup and doing SPF. :-/

You could at least use sigdashes ("-- ", the trailing blank is important!)
to make users of good mail clients not-so-annoyed :)
Markus Gaugusch \ / ASCII Ribbon Campaign
markus(at)gaugusch.at X Against HTML Mail
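
The forwarding case discussed in this message, as an added example that is not part of the original post: a simplified SPF check (only the ip4 and all mechanisms) over constructed records, comparing direct delivery, forwarding with the envelope sender unchanged, and remailing with the middle host's own envelope sender. All domains, addresses and IP ranges are assumptions chosen from the documentation ranges.

```python
import ipaddress

# Constructed SPF TXT records; a real check would fetch these from DNS.
SPF_RECORDS = {
    "sender.example": "v=spf1 ip4:192.0.2.0/24 -all",
    "middle.example": "v=spf1 ip4:198.51.100.0/24 -all",
}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_check(client_ip, mail_from):
    """Check the connecting IP against the SPF record of the MAIL FROM domain.

    Simplified on purpose: only ip4 and all are evaluated; include, a, mx,
    redirect and macros are left out.
    """
    domain = mail_from.rsplit("@", 1)[-1].lower()
    record = SPF_RECORDS.get(domain, "")
    if not record.startswith("v=spf1"):
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        if term.startswith("ip4:"):
            if ip in ipaddress.ip_network(term[4:], strict=False):
                return QUALIFIERS[qualifier]
        elif term == "all":
            return QUALIFIERS[qualifier]
    return "neutral"


def scenarios():
    """What the SPF-checking receiver sees on the final hop in each case."""
    original_from = "markus@sender.example"
    return {
        # The sender's own server connects to the receiver.
        "direct": spf_check("192.0.2.10", original_from),
        # The middle host relays but keeps the original envelope sender.
        "forward": spf_check("198.51.100.5", original_from),
        # The middle host remails with its own address as envelope sender.
        "remail": spf_check("198.51.100.5", "fwd-user@middle.example"),
    }


if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name:8} -> {result}")
```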