> > > >Let's say that I work for a hypothetical ACME Widgets, Inc. My e-mail > > > >address is [EMAIL PROTECTED] A potential customer, > > > >[EMAIL PROTECTED], tries to send me an e-mail message from his laptop > > > >using a public access point in his hotel. The network he's on is not > > > >listed as an allowed relay for example.com, according to their SPF > > > >record. My administrator (at acmewidgets.com) is honoring SPF > > > >records. What happens? > > > > > > That's just it - if your sales guy is at hotel with his laptop, he could > > > use AUTH/STARTTLS and actually relay through his company's mail server. > > > Thus the email from [EMAIL PROTECTED] would be delivered by > > > mail.acmewidgets.com to where it needed to go... SPF would be valid. > This > > > no bounce at the destination. > > > > You try and tell that to thousands of customers. Who had their laptops > > set up in 1997 by a company that has long gone bankrupt. And will sue > > you if suddenly their email isnt working anymore :) > > > > Welcome to the world of ISPs :) > > > > I assume you mean that you're an ISP and that you've "acquired" customers > from a now-defunct ISP and that they need to be able to send email as if > it came from your domain (say big-isp.com) using whatever server was setup > on their laptop by their previous ISP.
No. I mean to say that customers are a weird bunch, with weird setups, that have always worked, and if we make it not work, we have some explaining to do. Not impossible, but not trivial either. Some people seem to think that because something is easy for them, it must be easy for everyone. We have for instance thousands of customers that have moved to a different ISP for access (for instance because we didnt offer DSL in their area so they got cable), but decided to keep services with us because they have email/homepage/whatever, or they just like us so much. Often they send out email themselves, or through their cable ISP, with our email address. They _should_ be using our servers with SSL/authentication but if you can say one thing about customers it's that they never do what you wish they'd do. Making customers, in the thousands of tens of thousands, change their configuration is not an easy task. And we do actually have cases where we changed something, it broke a customers config, they sued us because they couldnt change the source of their software because they only had the binaries and the company that had the source had long gone bankrupt. They're the exceptions, but again.. customers do weird stuff :) Cor _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
