SPF is in its infancy, and the current "implementation" breaks things like forwarders and bounce handling in certain (and common) situations. AOL recently tried implementing an SPF-like system but has had to scale it back due to issues with this.
For example, someone with an aol.com return address emails someone at example.com, which then forwards to another account at aol.com. AOL doesn't accept it because it's from an aol.com address but coming from example.com's server. Bounce, which will happen to show that the final destination was an aol.com address (potentially embarrassing to some :). It is unreasonable for aol.com to know and approve every "example.com" which may exist out there (or perhaps it's unreasonable for every domain to have to get approved, depending on how you look at it). One suggestion is to forward the mail from an account at example.com, but this presents issues with bounce handling and preserving the (possibly desired) anonymity of the forwarding service. The forwarding server would have to keep track of each forward or enclose the actual sender address in the "new" sender address . This means that even servers that have nothing to do with SPF would have to be "fixed" before schemes like SPF can really work. People are working on the issues, but it's not something I'd be jumping into w/out a lot of research and thought. I've followed some good discussions on the Postfix mailing list (http://www.postfix.org/lists.html). Wietse Venama (postfix author) brings up the main problematic issues which I've yet to see anyone address in any concrete manner. Cheers, -Max At 1/11/2004 05:28 PM -0500, Howie Hamlin wrote: >This would require enhancements to the RBL engine but it's definitely doable. More >than likely, this would be in version 2.7 or 2.8. This week we're releasing updates >to v2.5 and 2.6 and then development will begin on 2.7 which will supoprt Blue Dragon. > >BTW - do you know of any domains that already have SPF records in place? > >Regards, > >Howie > >----- Original Message ----- >From: "Michael Dinowitz" <[EMAIL PROTECTED]> >To: "inFusion Support List" <[EMAIL PROTECTED]> >Sent: Saturday, January 10, 2004 6:24 PM >Subject: [iMS] Sender Permited From > > >> This is the 'official' protocol (I have a version of my own). Any thoughts of >> this going into iMS? >> http://spf.pobox.com/ >> >> -- >> Michael Dinowitz >> Finding technical solutions to the problems you didn't know you had yet >> ==^======================================================= This list server is Powered by iMS "The Swiss Army Knife of Mail Servers" -------------------------------------------------------------------------------------- This list is provided as a free service. Although we will try to address issues in a timely manner, support via this list is not guaranteed. If you require expedited support then a support contract is required. Support may be purchased from http://www.coolfusion.com/commerce. Details regarding support options may be reviewed at: http://www.coolfusion.com/SupportOptions.cfm -------------------------------------------------------------------------------------- To leave this list please complete the form at http://www.coolfusion.com/Support/ Need an iMS Developer license? Sign up for a free license here: http://www.coolfusion.com/Developers/ List archives: http://www.mail-archive.com/infusion-email%40eoscape.com/ Note: You are subscribed as [EMAIL PROTECTED] ==^=======================================================
