Microsoft O365 labels nanog potential fraud?
kmedcalf at dessus.com
Wed Mar 29 21:05:59 UTC 2017
The purpose of SPF is to REJECT messages before the data phase. This cannot be done if you are checking the RFC-822 From: header since that requires accepting the message and invalidates the entire purpose of SPF.
I have never seen an SPF implementation that uses the RFC-822 header From. Doing so would be pointless.
> -----Original Message-----
> From: NANOG [mailto:nanog-bounces at nanog.org] On Behalf Of Grant Taylor via
> Sent: Wednesday, 29 March, 2017 09:26
> To: nanog at nanog.org
> Subject: Re: Microsoft O365 labels nanog potential fraud?
> On 03/29/2017 09:12 AM, William Herrin wrote:
> > Both SPF and DKIM are meant to be checked against the domain in the
> > envelope sender (SMTP protocol-level return address) which the NANOG
> > sets to nanog-bounces at nanog.org. Checking against the message header
> > address is an incorrect implementation which will break essentially all
> > mailing lists.
> That may be what the original intent was.
> Every SPF implementation I've seen has checked the SMTP envelope FROM
> address /and/ the RFC 822 From: header address.
> Granted, that does not mean that it's the correct behavior.
> Grant. . . .
> unix || die
More information about the NANOG