Re: [exim] SPF feature would be more useful if

On 7/19/2010 1:20 AM, Graeme Fowler wrote:
> On Sat, 2010-07-17 at 00:40 -0700, Marc Perkel wrote:
>
>> As it is now SPF checks the sender domain against the connecting IP
>> address. It would be more useful if it were expanded to allow me to pass
>> a different domain and to pass a different IP address.
>>
> But that would be looking up a different set of data that SPF in the
> context of an SMTP transaction is not designed to
> validate/verify/authorise.
>
>
>> I might want to check the domain of the from field.
>>
> Erm...
>
>
>> I might want to check the IP addresses in the received lines for SPF match.
>>
> Erm...
>
> For both of the "Erm..." lines above, substitute "Which may be forged".
> You're trying to twist the SPF spec way beyond the boundary - I
> appreciate that useful results can come of things like that
> occasionally, but this strikes me as being doomed to failure.
>
> Anyway: with judicious use of the "dnsdb" lookup, the tools you need
> exist already.
>
> Graeme
>
>
>

Although received headers can be forged, it is unlikely most spammers
would do so Spammers would have to make SPF calls to do the forgery and
that would be to expensive bandwidth wise. What I'm thinking is
preventing false positives due to email forwarding.