[RFCI-Discuss] Yahoo break RFC
Derek J. Balling
dredd at megacity.org
Fri Nov 2 00:33:59 EDT 2007
On Nov 1, 2007, at 11:23 PM, Frank Ellermann wrote:
> ACK. However Jeff talked about a mail claiming to be from gmail.com
> forged by Yahoo. AFAIK the gmail.com SPF policy is PASS or NEUTRAL,
> therefore Yahoo's forgery only results in NEUTRAL, not in FAIL. In
> other words Gmail still permits to forge Gmail addresses. It would
> very stupid to reject all NEUTRAL mails.
Then gmail is fine with people forging gmail addresses. If gmail wants
to stop it, they can change the default policy to "FAIL".
Seems simple enough to me.
Cheers,
D
More information about the RFCI-Discuss
mailing list