ghopp
/
server_playground
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Another abandoned server code base... this is kind of an ancestor of taskrambler.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
97 Commits
1 Branch
0 Tags
51 MiB
 
 
 
 
 
 
Tree: 2e46b5c249
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '2e46b5c249'
${ noResults }
server_playground/doc/www.w3.org/Mail/spf/index.html

181 lines
10 KiB
Raw Blame History

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title>Email Forgery Prevention Using SPF - W3C</title><link rel="stylesheet" href="/2008/site/css/minimum" type="text/css" media="handheld, all" /><style type="text/css" media="print, screen and (min-width: 481px)" xml:space="preserve">
@import url("/2008/site/css/advanced");
</style><link href="/2008/site/css/minimum" rel="stylesheet" type="text/css" media="handheld, only screen and (max-device-width: 480px)" /><meta name="viewport" content="width=device-width" /><link rel="stylesheet" href="/2008/site/css/print" type="text/css" media="print" /><link rel="shortcut icon" href="/2008/site/images/favicon.ico" type="image/x-icon" /></head><body id="www-w3-org" class="w3c_public"><div id="w3c_container">
<div id="w3c_mast">
<h1 class="logo">
<a tabindex="2" accesskey="1" href="/"><img src="/2008/site/images/logo-w3c-mobile-lg" width="90" height="53" alt="W3C" /></a>
<span class="alt-logo">W3C</span>
</h1>
<div id="w3c_nav">
<form action="/Help/search" method="get" enctype="application/x-www-form-urlencoded"><div class="w3c_sec_nav"><!-- --></div><ul class="main_nav"><li class="first-item">
<a href="/standards/">Standards</a>
</li><li>
<a href="/participate/">Participate</a>
</li><li>
<a href="/Consortium/membership">Membership</a>
</li><li class="last-item">
<a href="/Consortium/">About W3C</a>
</li><li class="search-item">
<div id="search-form">
<input tabindex="3" class="text" name="q" value="" title="Search" type="text" />
<button id="search-submit" name="search-submit" type="submit"><img class="submit" src="/2008/site/images/search-button" alt="Search" width="21" height="17" /></button>
</div>
</li></ul></form>
</div>
</div>
<div id="w3c_main">
<div id="w3c_logo_shadow" class="w3c_leftCol">
<img height="32" alt="" src="/2008/site/images/logo-shadow" />
</div>
<div class="w3c_leftCol"><h2 class="offscreen">Site Navigation</h2>
<h3 class="category"><span class="ribbon"><a href="/Mail/" title="Up to Mailing Lists">Mailing Lists <img src="/2008/site/images/header-link" alt="Header link" width="13" height="13" class="header-link" /></a></span></h3>
<ul class="theme">
<li><a href="/Mail/FAQ.html">FAQ</a></li>
<li><a href="/Mail/subject-tagging.html">On Subject Tagging</a></li>
<li><a href="/Mail/ArchiveEditingPolicy.html">Archive Editing Policy</a></li>
<li><a href="/Mail/Request.html">Managing Mailing List Subscriptions</a></li>
<li><a href="/2002/03/email_attachment_formats.html">Guidelines for Attachments</a></li>
<li><a class="current">Email Forgery Prevention Using SPF</a></li>
</ul>
<br /></div>
<div class="w3c_mainCol">
<div id="w3c_crumbs">
<div id="w3c_crumbs_frame">
<ul class="bct"> <!-- .bct / Breadcrumbs -->
<li class="skip"><a tabindex="1" accesskey="2" title="Skip to content (e.g., when browsing via audio)" href="#w3c_content_body">Skip</a></li>
<li><a href="/">W3C</a> <span class="cr">»</span> </li>
<li><a href="/participate/">Participate</a> <span class="cr">»</span> </li>
<li><a href="/participate/discussion.html">Mail, News, Blogs, Podcasts, and…</a> <span class="cr">»</span> </li>
<li><a href="/Mail/">Mailing Lists</a> <span class="cr">»</span> </li>
<li class="current">Email Forgery Prevention Using SPF</li>
</ul>
</div>
</div>
<h1 class="title">Email Forgery Prevention Using SPF</h1>
<ul class="w3c_toc"><li class="toc_prefix">On this page → </li><li><a href="#howto">how to avoid forgeries from your site</a><span class="bullet"> • </span></li><li><a href="#w3c-records">W3C's SPF Records</a></li></ul>
<div id="w3c_content_body">
<div class="line">
<p class="intro tPadding">
W3C has deployed <a href="http://www.openspf.org/">SPF (Sender Policy
Framework)</a> to prevent email forgeries. Our mail hubs reject forged
mail according to SPF records published by domain owners, and we have
published SPF records indicating which servers are authorized to send
email claiming to be from w3.org. See below for more information about:
</p>
<h2 id="howto">How to Avoid Forgeries from Your Site</h2>
<p>
If you are concerned about email forged to appear from your site, you can
<a href="http://www.openspf.org/whatdoes.html">publish an SPF record</a>
(or ask your system administrators or ISP to publish one on your behalf)
and our email servers will automatically start to reject forgeries that
claim to be from your site.
</p>
<p>
<em>This endorsement is not without some reservations. While
Jonathan de Boyne Pollard's <a href="http://homepages.tesco.net/~J.deBoynePollard/FGA/smtp-spf-is-harmful.html">essay on problems with SPF</a> overstates the case in some places,
the point about <a href="http://homepages.tesco.net/~J.deBoynePollard/FGA/smtp-spf-is-harmful.html#HijackTXTResourceRecordType">squatting
on TXT records</a> is a concern we share.</em>
</p>
<h2 id="w3c-records">W3C's SPF records</h2>
<dl><dt>
<a href="http://www.openspf.org/wizard.html?mydomain=w3.org">The SPF
record for w3.org</a>
</dt><dd>
<p>provides a list of servers that are authorized to send mail on behalf
of w3.org.</p>
<p>
This record ends in <code>~all</code>, which means "<a href="http://www.schlitt.net/spf/spf_classic/draft-schlitt-spf-classic-02.html#anchor10">softfail</a>".
Due to issues with SPF and mail forwarding, we intend to leave our SPF
record in this state for the forseeable future, so our record is useful
mainly for whitelisting. (mail with an 'SPF pass' status from w3.org is
most likely legitimate, but other mail can be subject to more scrutiny,
e.g. using heuristic-based filters.)
</p>
</dd><dt>
The SPF records for <a href="http://www.openspf.org/wizard.html?mydomain=w3c.org">w3c.org</a> and <a href="http://www.openspf.org/wizard.html?mydomain=www.org">www.org</a>
</dt><dd>
<p>
indicate that those domains are never valid senders of email, so any
mail claiming to originate there should be rejected. </p>
</dd></dl>
</div>
</div>
</div>
</div>
</div><div id="w3c_footer">
<div id="w3c_footer-inner">
<h2 class="offscreen">Footer Navigation</h2>
<div class="w3c_footer-nav">
<h3>Navigation</h3>
<ul class="footer_top_nav"><li>
<a href="/">Home</a>
</li><li>
<a href="/standards/">Standards</a>
</li><li>
<a href="/participate/">Participate</a>
</li><li>
<a href="/Consortium/membership">Membership</a>
</li><li class="last-item">
<a href="/Consortium/">About W3C</a>
</li></ul>
</div>
<div class="w3c_footer-nav">
<h3>Contact W3C</h3>
<ul class="footer_bottom_nav"><li>
<a href="/Consortium/contact">Contact</a>
</li><li>
<a accesskey="0" href="/Help/">Help and FAQ</a>
</li><li>
<a href="/Consortium/sponsor/">Sponsor / Donate</a>
</li><li>
<a href="/Consortium/siteindex">Site Map</a>
</li><li>
<address id="w3c_signature">
<a href="mailto:site-comments@w3.org">Feedback</a> (<a href="http://lists.w3.org/Archives/Public/site-comments/">archive</a>)</address>
</li></ul>
</div>
<div class="w3c_footer-nav">
<h3>W3C Updates</h3>
<ul class="footer_follow_nav"><li>
<a href="http://twitter.com/W3C" title="Follow W3C on Twitter">
<img src="/2008/site/images/twitter-bird" alt="Twitter" width="78" height="83" class="social-icon" />
</a>
<a href="http://identi.ca/w3c" title="See W3C on Identica">
<img src="/2008/site/images/identica-logo" alt="Identica" width="91" height="83" class="social-icon" />
</a>
</li></ul>
</div>
<p class="copyright">Copyright © 2012 W3C <sup>®</sup> (<a href="http://www.csail.mit.edu/">
<acronym title="Massachusetts Institute of Technology">MIT</acronym>
</a>, <a href="http://www.ercim.org/">
<acronym title="European Research Consortium for Informatics and Mathematics"> ERCIM</acronym>
</a>, <a href="http://www.keio.ac.jp/">Keio</a>) <a href="/Consortium/Legal/ipr-notice">Usage policies apply</a>.</p>
</div>
</div><!-- Generated from data/scripts.php, ../../smarty/{scripts.tpl} --><!-- At the bottom for performance reasons --><div id="w3c_scripts">
<script type="text/javascript" src="/2008/site/js/main" xml:space="preserve"><!-- --></script>
</div></body></html>