On Thu, 21 Aug 2008 06:51:53 pm Alessandro Vesely wrote: > Well, it has been the source *many* discussions, and many consider this to > be the weakest point of SPF. Actually, it is the weakest point of mail > forwarding, see > http://en.wikipedia.org/wiki/E-mail_forwarding#Historical_development_of_email_forwarding
Excellent link, thank you. > Trying to make a long story short, > > * if your business is massive email forwarding, you need SRS to regain > control on dynamically building the return-path, which rfc1123 broke, > > * if someone having access to user's directory manually writes a forwarding > recipe, use maildrop and set -f to the recipe writer's or postmaster address, > > * except when forwarding to the same server: In this case _alias expansion_ > (i.e. w/o -f, as opposed to _list expansion_, the two forwarding methods > that the SMTP specs provide for) is just fine. > > That state of affairs is obviously wrong... Absolutely. A sidebar at http://www.openspf.org/SRS says... RFC 1123 introduced two very convenient but easily abused features: relaying without regard to recipient (open relays) and forwarding without regard to sender. Both features have been abused to the point of unusability. Open relays have been suppressed via blacklisting. SPF stops forwarding without rewriting, but it does so on an opt-in basis. If you, as a recipient do not check SPF, then you can continue to use forwarding without rewriting the sender as before. However, if you do check SPF, and you wish to reject messages that fail SPF, then you must do one of two things to avoid rejecting legitimate mail: . whitelist forwarder IP addresses . use forwarders that rewrite the sender There is a SRS library at http://www.libsrs2.org/ and down the bottom it says "Write or maintain patches against MTAs?" with courier being mentioned. So... a) if one does not already exist, is anyone interested in a SRS patch for courier based on this (or any other) library ? b) Sam, if such a patch existed, is there any possibility that it could be considered for official inclusion in courier ? --markc ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users