> Recent change to SPF checking in ASSP has seen a lot of bogus > bank emails and tax refunds blocked which I am happy about.
There's a problem, though, it may (and does) break some ML messages; see, with previous "regular SPF" checks acting on the envelope sender (as for SPF documents), a mailing list was able to send a message this way (e.g.) MAIL FROM: <[email protected]> Return-Path: <[email protected]> Errors-To: <[email protected]> From: <[email protected]> To: <[email protected]> Reply-To: <[email protected]> but now, if the same ML tries to send a message and if the "otherdomain.net" publishes an SPF record (and performs SPF checks) the same message will be refused due to SPF failure since (if I got it right), ASSP will also check the "MIME From" and not just the envelope from So, I'm respectfully asking Thomas to add an option to ASSP which will allow to disable this new behaviour and let the SPF checks only works on the envelope data ... then, by the way, who wants to also check the "MIME" data will still be able to do so by leaving the option enabled Thanks ------------------------------------------------------------------------------ RSA(R) Conference 2012 Save $700 by Nov 18 Register now http://p.sf.net/sfu/rsa-sfdev2dev1 _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
