MAIL-FROM Authentication

The MAIL-FROM authentication method checks the content of the RFC822 From header of an update request against the regular expression specified in the maintainer object "auth" field. If the regular expression matches the content of the From header, the update request is authenticated successfully.

   mntner:      MAINT-AS1234
   descr:       Company's Name
   admin-c:     AC1
   tech-c:      TC1
   auth:        MAIL-FROM
   mnt-by:      MAINT-AS1234
   changed: 20010326
   source:      BBOI

The "auth" value can be either an exact value such as


or can be a regular expression such as

auth: MAIL-FROM .*@.*

The regular expressions supported are described in POSIX 1003.2 section 2.8. Note that the matching is applied to the whole content of the From header, including comments if present -- no attempt is made to isolate the mailbox part. Regular expression usage is recommended if several people are authorized to submit objects and/or the From address is different depending on the host machine from which the mail is sent.

The MAIL-FROM authentication scheme is not a very secure scheme. Forging RFC822 headers does not take much effort or ingenuity. The scheme offers a way to protect the integrity of the IRR by preventing accidental updates rather than allowing updates that need to be removed later.

Back to Table Of Contents