I saw a few threads on google that brought up a question. When a user sends mail to a mailing list that will then be echo'ed out from that lists MTA, one would expect that the mail "envelope" meets the SPF for the domain it claims to be sending from.
So if a list called "[email protected]" recieves a submission by me "[email protected]" that it would construct an SMTP envelope where the "mail from:" directive is from the e-mail address: <[email protected]> and comes from an MTA that meets the SPF declaration: "v=spf1 ip4:12.31.165.64/27 ip4:208.48.95.16/28 ip4:216.34.181.0/24 include:gmail.com ?all" I know the ehlo <sending fqdn> is not often properly filled in, and SPF is usually tuned to allow failures here. Now I see that this list itself builds the envelope "mail from:" to be the end user that sent the submission. Doesn't this risk getting trashed? Nick -- Nick Ellson CCIE# 20018 MCSE 2000, Security+, Network+ Network Hobbyist, VFR Private Pilot. ------------------------------------------------------------------------------ _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
