The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WHM/cpanel renders SPF records useless!

Discussion in 'General Discussion' started by cyberspirit, Apr 28, 2004.

  1. cyberspirit

    cyberspirit BANNED

    Joined:
    Jun 27, 2003
    Messages:
    293
    Likes Received:
    0
    Trophy Points:
    0
    WHM/cpanel renders DNS TXT records useless!

    Dues to a bug in WHM's DNS editor all SPF records become useless and your outgoing email might bounce!

    Normally entered spaces in TXT fields in a zone file should be stored as such and sent to the client who does a lookup.

    For example this SPF record in a TXT field is correct:

    domain.com IN TXT v=spf1 a -all 28397s

    this is what WHM makes out of it:

    domain.com IN TXT v=spf1a-all 28397s

    as you can see all spaces are deleted and therefor this field no longer is valid!

    I submitted a bug and hope the cpanel team will jump on this quickly since SPF is used to cut down on spam http://spf.pobox.com
    and right now cpanel/WHM is not only not helping the effort but actually hindering it!
     
    #1 cyberspirit, Apr 28, 2004
    Last edited: Apr 30, 2004
  2. cyberspirit

    cyberspirit BANNED

    Joined:
    Jun 27, 2003
    Messages:
    293
    Likes Received:
    0
    Trophy Points:
    0
    I have actually reopened that bug since my bug report is about non-rfc compliant handling of TXT fields in zone files by WHM and not just SPF specific.

    As far as your comment about SPF never working, well you are allowed to have your opinion. It just shows me that you are completely out of touch whith what is going on the behind the scene of SPF and SMTPi.
    Nay-sayers like you will always kill new proposals because they are not perfect yet. And if someone like you would have been in charge of developing ethernet I guess we would still be running token-ring.
     
  3. cyberspirit

    cyberspirit BANNED

    Joined:
    Jun 27, 2003
    Messages:
    293
    Likes Received:
    0
    Trophy Points:
    0
    Your latest post just shows more how out of touch you are with the issue. more and more isp stop to block port 25 because it has created more hassles than help, and all of that before spf was even around. auth smtp is the way to go and a lot of isps have recognized that.
    but besides that, over 6000 domains have published spf record. And according to my contacts at the AOL postmaster office, with a lot of success, to block spoofed spam and all the illegal returns.
    Here is a list of major backers of spf:
    AOL.com Altavista.com DynDNS.org E!Online.com (the ! is silent) GNU.org LiveJournal.com MotleyFool.com OReilly.com Oxford.ac.uk PairNIC.com Perl.org PhilZimmermann.com SAP.com Symantec.com Ticketmaster.com w3.org and of course foo.com

    And recently several publications wrote about spf in a very favorable way, including Linux Journal.
    So now are you still trying to tell all of us how bad this is?
    Perhaps you are a genius who has not been discovered yet?
    And how about fixing the link in your signature? The cpanel page "There is no website configured at this address." is not really a good example for a "Sr Network Engineer", lol
     
    #3 cyberspirit, Apr 29, 2004
    Last edited: Apr 29, 2004
  4. B12Org

    B12Org Well-Known Member

    Joined:
    Jul 15, 2003
    Messages:
    692
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Seattle Washington
    cPanel Access Level:
    Root Administrator
    so, 6000 out of 600,000,000? Wow thats some thing to take seriously :p
     
  5. cyberspirit

    cyberspirit BANNED

    Joined:
    Jun 27, 2003
    Messages:
    293
    Likes Received:
    0
    Trophy Points:
    0
    Yes, it actually is if you look at who is backing it and for how much email traffic they stand for and in what period of time they got the 6000 domains. I saw a new number that is actually over 10,000 so it is growing fast.
    Nobody had to use SPF if you do not want to - but do you have a better idea or proposal? Please step forward!
     
  6. B12Org

    B12Org Well-Known Member

    Joined:
    Jul 15, 2003
    Messages:
    692
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Seattle Washington
    cPanel Access Level:
    Root Administrator
    Yeah, just take spammers out back and shoot em
     
  7. cyberspirit

    cyberspirit BANNED

    Joined:
    Jun 27, 2003
    Messages:
    293
    Likes Received:
    0
    Trophy Points:
    0
    Yeah B12,
    That really solves the problem, I guess you just showed you do not have any solution to offer, just to complain about the ones who work hard to bring one forward.

    By the way, nice website you guys have, just a little bit outdated?

    I found this here in your "About us" and got a kick out of it - I guess you have not done any updating to it in the last years?

    "What We Use:

    We use Red Hat Linux and Cpanel 6. For our resellers we use a WHM interface in order for our customers to administer and manage their clients. Our server is located in San Antonio Texas (USA). This is a perfect place for it, because of its known lack of natural disasters, and its remote location away from major cities and potential threats."
     
  8. B12Org

    B12Org Well-Known Member

    Joined:
    Jul 15, 2003
    Messages:
    692
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Seattle Washington
    cPanel Access Level:
    Root Administrator
    Yeah, its is outdated. :p

    Personally, I dont care enough to do anything. It doesnt bother me that much. I just block em the first time, and never have to deal with it again. Who cares about em. If you are big ISP then I could see the need, but who here is a big ISP?

    And the problem is not with the possible solutions being developed, it is with the people doing the initial acts. Spammers will always spam, no matter what you do, no matter what system is in place, some one will always find a way to circumvent it. Its just human nature. Thats what we do, when some one tries and stop us, even if it is for the better good, our pride and our wallet make us find a way to go back and detrement society yet again and again.

    I applaud those who do work to try and stop it, weather they are successfull or not, but I do believe its a loosing battle.
     
    #8 B12Org, Apr 30, 2004
    Last edited: Apr 30, 2004
  9. athakur999

    athakur999 Registered

    Joined:
    Jan 13, 2004
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Dallas, TX, USA
    SPF is great for big ISPs, but it's useful for anyone. It provides some protection against joe jobs for example. It'd be much harder for somone to try and tarnish your business's reputation if you published SPF records. They wouldn't be able to use a random mail relay or trojaned computer since they wouldn't match your SPF entries.
     
  10. chrisbond

    chrisbond Well-Known Member

    Joined:
    Apr 12, 2003
    Messages:
    59
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Hereford, United Kingdom
    I have to agree this this comment you think about yahoo.com and hotmail publishing there SPF, they will stop a LOT of spam if you have the SPF integeration on your server. Theres more and more of the big guys installing spf on there DNS.
     
  11. cyberspirit

    cyberspirit BANNED

    Joined:
    Jun 27, 2003
    Messages:
    293
    Likes Received:
    0
    Trophy Points:
    0
    if you actually think about what SPF really does then you will come to understand that using SPF to filter incoming mail is of more benefit for the small company than the large ISP.
    Why?
    well spammers love to fake email addresses from the big guys like AOL or Hotmail or Yahoo. So the chance that you catch fake email from these ISPs by using SPF to filter is higher than for AOL to filter fake email that is sent with an email address of the little guy.
     
Loading...

Share This Page