headers
spf-discuss | 1 Jul 2007 06:00
Favicon

SPF Mail Summary Report

                    iMail News Gateway Server v3.1                    
          (c) Copyright 1996-2005 Santronics Software, Inc.           

                        Mail Forum Statistics                         
                Date Range : 24 Jun 2007 - 28 Jun 2007
                Report Date: 01 Jul 2007

----------------------------------------------------------------------
Total Summary:
----------------------------------------------------------------------

Total Forums          : 2
Total Messages        : 23
Total Participants    : 16
Total Vendor Postings : 0
Total Mail/No Replies : 12  (52%)
          6+ Days Old : 7    4+ Days Old: 3
          2+ Days Old : 2    1 Day Old  : 0
Busiest Posting Hour  : 11am  (7 msgs)
Busiest Posting Day   : Monday  (11 msgs)

+-[ Hourly Posting Pattern ]----------------------+
|                       *                         |
|                       *                         |
|                       *                         |
|                     * *                         |
|                     * *                         |
| *                   * *                         |
| *                   * *                         |
| *                   * *                         |
(Continue reading)

Permalink | Reply | 0 comments |
headers
spf-discuss | 8 Jul 2007 06:00
Favicon

SPF Mail Summary Report

                    iMail News Gateway Server v3.1                    
          (c) Copyright 1996-2005 Santronics Software, Inc.           

                        Mail Forum Statistics                         
                Date Range : 01 Jul 2007 - 05 Jul 2007
                Report Date: 08 Jul 2007

----------------------------------------------------------------------
Total Summary:
----------------------------------------------------------------------

Total Forums          : 2
Total Messages        : 41
Total Participants    : 19
Total Vendor Postings : 0
Total Mail/No Replies : 8  (19%)
          6+ Days Old : 2    4+ Days Old: 3
          2+ Days Old : 3    1 Day Old  : 0
Busiest Posting Hour  : 4am  (6 msgs)
Busiest Posting Day   : Thursday  (15 msgs)

+-[ Hourly Posting Pattern ]----------------------+
|         *               *                       |
|         *               *                       |
|         *             * *                     * |
|         *             * *                     * |
|         *             * *     *               * |
| *   *   *             * *     *               * |
| *   *   *             * *     *               * |
| *   *   *           * * * *   *               * |
(Continue reading)

Permalink | Reply | 0 comments |
headers
Scott Kitterman | 10 Jul 2007 05:53

Updated Python Policy Server for Postfix (Version 0.4)

I've updated the Python policy server to version 0.4.  The most significant
changes in this release are:

1.  Implementation of a configuration file and a variety of receiver policy 
options that can be set via the config file.  You can also do things like 
call the policy server with one config file that specifies HELO checking only 
and then call it again with a second config file that specifies Mail From 
checking only.  This will get you SPF received headers in your non-rejected 
mail for both identities (which should be usable by SpamAssassin 3.2).

2.  Implementation of an SPF whitelist by IP in the config file.

With this release, the Python policy server now has all the functionality of 
the Perl server plus the addition of the different receiver policy options.

Details of all the changes are in the package changelog.

For the release, please see:

http://www.openspf.org/Software

The package has already been uploaded to Debian Unstable and will be synced 
into Ubuntu shortly for their next release.  I appreciate the past help with 
getting this into OpenSuse.  I have not tagged the opensuse spec file (it's 
still on the Trunk).  If anyone would be willing to work on getting this (and 
an updated pyspf) into Fedora, please let me know, we need a volunteer.

Scott K

-------------------------------------------
(Continue reading)

Permalink | Reply | 0 comments |
headers
Dotzero | 10 Jul 2007 15:26
Picon

FTC Spam Summit

If anyone else is attending the FTC Spam Summit -
http://ftc.gov/bcp/workshops/spamsummit/index.shtml, feel free to
introduce yourself. I'll be the fellow gimping around wearing a knee
immobilizer.

Looks like SPF is basically being ignored (unless you count SID as SPF).

Not really seeing anything that reeks of new, innovative and effective.

-------------------------------------------
-----------------------------------------------------------------------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735
Powered by Listbox: http://www.listbox.com
Permalink | Reply | 1 comment |
headers
Jeff Macdonald | 10 Jul 2007 15:33
Favicon

Re: FTC Spam Summit

It might be helpful to know your real name. :)

On Tue, Jul 10, 2007 at 09:26:47AM -0400, Dotzero wrote:
> If anyone else is attending the FTC Spam Summit -
> http://ftc.gov/bcp/workshops/spamsummit/index.shtml, feel free to
> introduce yourself. I'll be the fellow gimping around wearing a knee
> immobilizer.
> 
> Looks like SPF is basically being ignored (unless you count SID as SPF).
> 
> Not really seeing anything that reeks of new, innovative and effective.
> 

The first panel has an interesting participant.

--

-- 
:: Jeff Macdonald | Principal Engineer, Messaging Technologies
:: e-Dialog | jmacdonald <at> e-dialog.com
:: 131 Hartwell Ave. | Lexington, MA 02421 
:: v: 781-372-1922 | f: 781-863-8118 
:: www.e-dialog.com

-------------------------------------------
-----------------------------------------------------------------------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735
Powered by Listbox: http://www.listbox.com
(Continue reading)

Permalink | Reply | 0 comments |
headers
Meng Weng Wong | 13 Jul 2007 03:53
Picon
Favicon
Gravatar

Authentication + Reputation = Accountability

Cross-posted to the SPF and Karmasphere lists ...

On Jul 12, 2007, at 12:45 PM, Meng Weng Wong wrote:
>
> Those of you who have been following the authentication movement  
> will remember that reputation was always part of the plan.
>
> It is the job of SPF/DKIM/etc to provide authentication.
>
> Karmasphere's job is to provide reputation.
>

I have had a huge grin on my face for the last half an hour.

Why?

This afternoon I finally got up to speed with SpamAssassin's meta-rules.

and I just now got this report in my headers:

  * -0.0 SPF_PASS SPF: sender matches SPF record
  * -0.0 KS_REPUTABLE_DOMAIN_DNS RBL: Envelope sender in mengwong  
whitelist feedset
  * -123 AUTH_ACCOUNTABLE Envelope sender is both authenticated and  
reputable

What does it mean?  An SPF pass, on its own, means little; an RHSWL  
match, on its own, means little; but together, they mean a lot.

To obtain that score of -123, the message has to pass SPF and the
(Continue reading)

Permalink | Reply | 2 comments |
headers
Daryl C. W. O'Shea | 13 Jul 2007 09:21
Picon

Re: Authentication + Reputation = Accountability

Meng Weng Wong wrote:

> Here's the snippet from my local.cf that does this:
> 
>   # karmasphere domain-based whitelist
>   header   KS_REPUTABLE_DOMAIN_DNS    
> eval:check_rbl_envfrom('mengwong.manywl-v1', 
> 'mengwong.manywl-v1.dnswl.karmasphere.com.')
>   describe KS_REPUTABLE_DOMAIN_DNS    Envelope sender in mengwong 
> whitelist feedset
>   tflags   KS_REPUTABLE_DOMAIN_DNS    net
> 
>   score KS_REPUTABLE_DOMAIN_DNS -0.01

Since it's a whitelist query you'll want to add 'nice' to the tflags, 
not that it'll really make a difference in an end-user config.

>   meta     AUTH_ACCOUNTABLE   ((SPF_PASS || DKIM_VERIFIED || 
> DK_VERIFIED) && KS_REPUTABLE_DOMAIN_DNS)
>   describe AUTH_ACCOUNTABLE   Envelope sender is both authenticated and 
> reputable
>   tflags   AUTH_ACCOUNTABLE   userconf nice noautolearn
> 
>   score AUTH_ACCOUNTABLE -123

That rule is exploitable so I wouldn't give it a score of -123. :(

If I set the envelope from to a domain on the whitelist it doesn't 
matter that it may fail an SPF check as long as I DKIM sign it myself 
and it verifies.
(Continue reading)

Permalink | Reply | 1 comment |
headers
Julian Mehnle | 13 Jul 2007 11:39
Gravatar

Re: Authentication + Reputation = Accountability


Meng Weng Wong wrote:
> On Jul 12, 2007, at 12:45 PM, Meng Weng Wong wrote:
> > Those of you who have been following the authentication movement
> > will remember that reputation was always part of the plan.
> >
> > It is the job of SPF/DKIM/etc to provide authentication.
> >
> > Karmasphere's job is to provide reputation.
>
> [...]
> I am tremendously pleased.  For me, this is the culmination of
> several years of work: SPF offers authentication, and Karmasphere
> offers reputation.  Together, they fight spam!

Congrats, Meng!  Great job!

Daryl C. W. O'Shea wrote:
> In any case, if I were going to do this (and I actually do), I would
> have the DNSWL return (set whatever bit) what auth method that the
> domain is expected to use so that you can only accept SPF for domains
> known to use SPF and DKIM for domains known to use DKIM, etc.

We really should get SPFv3 started so domains can declare their use of IP- 
address-based authorization (AKA SPF Classic) and/or other auth methods 
such as DKIM.
Permalink | Reply | 0 comments |
headers
Stuart D. Gathman | 14 Jul 2007 17:14

SPF IRC chat

I have been unable to connect to irc.pobox.com for the last few weeks.  
Where does SPF chat reside these days?  I am able to connect to other IRC 
servers.  (It is about time for me to learn how to set up a jabber 
server.)

--

-- 
	      Stuart D. Gathman <stuart <at> bmsi.com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

-------------------------------------------
-----------------------------------------------------------------------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735
Powered by Listbox: http://www.listbox.com
Permalink | Reply | 3 comments |
headers
Meng Weng Wong | 14 Jul 2007 19:22
Picon
Favicon
Gravatar

Re: SPF IRC chat

On Jul 14, 2007, at 8:14 AM, Stuart D. Gathman wrote:

> I have been unable to connect to irc.pobox.com for the last few weeks.
> Where does SPF chat reside these days?  I am able to connect to  
> other IRC
> servers.  (It is about time for me to learn how to set up a jabber
> server.)

irc.pobox.com -> irc.perl.org

-------------------------------------------
-----------------------------------------------------------------------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735
Powered by Listbox: http://www.listbox.com
Permalink | Reply | 0 comments |

Gmane