The MAIL-FROM authentication method checks the content of the RFC822 From header of an update request against the regular expression specified in the maintainer object "auth" field. If the regular expression matches the content of the From header, the update request is authenticated successfully.
mntner: MAINT-AS1234 descr: Company's Name admin-c: AC1 tech-c: TC1 upd-to: admin@customer.com auth: MAIL-FROM controller@customer.com notify: admin@customer.com mnt-by: MAINT-AS1234 changed: admin@customer.com 20010326 source: BBOI
The "auth" value can be either an exact value such as
auth: MAIL-FROM someone@somewhere.org
or can be a regular expression such as
auth: MAIL-FROM .*@.*somewhere.org
The regular expressions supported are described in POSIX 1003.2 section 2.8. Note that the matching is applied to the whole content of the From header, including comments if present -- no attempt is made to isolate the mailbox part. Regular expression usage is recommended if several people are authorized to submit objects and/or the From address is different depending on the host machine from which the mail is sent.
The MAIL-FROM authentication scheme is not a very secure scheme. Forging RFC822 headers does not take much effort or ingenuity. The scheme offers a way to protect the integrity of the IRR by preventing accidental updates rather than allowing updates that need to be removed later.