[linux-elitists] Is Pobox.com using SPF?

Rick Moen rick@linuxmafia.com
Tue Mar 30 16:01:14 PST 2004


Attempts to communicate with Pobox.com continue.


 Date: Tue, 30 Mar 2004 15:37:34 -0800
 From: Rick Moen <rick@linuxmafia.com>
 To: Pobox Customer Support <pobox@pobox.com>
 Cc: mengwong@dumbo.pobox.com
 Subject: Re: Physician, Heal Thyself [PTN.20040326.0144J]

Quoting Pobox Customer Support (pobox@pobox.com):

> SPF is an optional spam filter on Pobox.com accounts.

SPF is a simple Pobox.com-designed DNS reference record (RR) type for
authenticating what IP addresses are authorised MX hosts for one's DNS
domain.

I would appreciate it if you would please check with your bosses, on
that.  Here is a basic outline:

Your firm's SMTP host, kelvin.pobox.com, received an SMTP stream with
forged headers purporting to be from my MTA.  kelvin.pobox.com _should_
at that point have checked the alleged sender's DNS for an SPF record.
Having done so, it would have detected the mail as forged and not
processsed it further.  After all, Pobox.com invented SPF for exactly
that purpose.

kelvin.pobox.com unfortunately did _not_ check for an SPF RR, but
instead passed it to a second MTA, at mail.lethe.tartarus.org , which
did 554 reject based on malware content.  kelvin.pobox.com then did a
second bit of stupidity, generating a bounce message to the forged,
alleged sender (me).  (But avoiding the first error would have averted
the second.)

Because Pobox.com is the inventor and primary advocate of SPF records to
the global Internet, it has no excuse for this sort of ineptitude and
malfeasance.  My point is that Pobox.com needs to correct this, pronto.

It is irrelevant to that point who did, or did not, have your firm's
"Spam Protection service" turned on.  Ditto your users' "account rules".

Please escalate this matter to your firm's sysadmins:  You guys are
embarrassing yourselves in front of the _rest_ of the world's sysadmins,
and your admin staff need to take corrective action.  (This matter is
outside the scope of the Customer Service department you are in.)

I thank you for your time.

 -- 
Cheers,
Rick Moen                      "vi is my shepherd; I shall not font."
rick@linuxmafia.com                               -- Psalm 0.1 beta



----- Forwarded message from Pobox Customer Support <pobox@pobox.com> -----

 Date: Tue, 30 Mar 2004 17:06:50 -0500
 From: Pobox Customer Support <pobox@pobox.com>
 To: Rick Moen <rick@linuxmafia.com>
 Subject: Re: Physician, Heal Thyself [PTN.20040326.0144J]

Hello Mr. Moen:

SPF is an optional spam filter on Pobox.com accounts.  We only implement
SPF checking for customers who are using our Spam Protection service.
This customer who originally received the virus that appears to have
come from you did not have Spam Protection on.  If they had it on, it
definitely would have been caught and discarded based on the user's
account rules.  We are not yet forcing our customers to use this service
so in this situation we attempted to forward it on to the forwarding
address.

I'm not sure if I'm being completely clear here, so if you have any
questions please let me know.

Cheers,
 Jennifer Schival
 Customer Service
 pobox@pobox.com
 http://www.pobox.com



[RM notes: further bottom quoting snipped]



More information about the linux-elitists mailing list