Ben Kamen wrote:
Richard Laager wrote:..snip...
That's just it - if your sales guy is at hotel with his laptop, he could use AUTH/STARTTLS and actually relay through his company's mail server. Thus the email from [EMAIL PROTECTED] would be delivered by mail.acmewidgets.com to where it needed to go... SPF would be valid. This no bounce at the destination.
this assumes that whatever ISP the sales guy is using at the access point doesn't block out-going port 25, like many ISPs have been known to do.
You'd then have to configure the mail servers to accept connections on a n alternate port (that's not likely to be blocked by ISPs) and you'll also have to configure the sales guy's laptop to connect to your server on that specified port.
So the second part below wouldn't even be an issue.
If the people at example.com have setup their SPF record to say that mail from unlisted networks should be bounced, the message will be bounced. If they've said it should be subject to additional checks, but not outright rejected, it will be accepted and the SpamAssassin score increased. The behavior is exactly per their setup.
if whoever is providing the service for the access point has the policy of "you must route all mail through our mail servers" then this certainly does become an issue.
I think the biggest hurdle is to get everyone in the internet community responsible for the configuration of mail servers to a) agree on configuration policies and b) actually implement them.
my 2 yen worth
alan _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
