On Tue, 10 Aug 2004, Cor Bosman wrote:
I mean, one of your customers (employees, whatever) sending email through your server using [EMAIL PROTECTED] (basically their own hotmail account).
They can in the From: header, but in the envelope your MTA is to ensure that DSNs have a valid return address, hence, the envelope must be some local account.
Sure, but if they are sending themselves (and have for years) and suddenly people are implementing SPF and we dont list their dynamic dialup host as a valid senderhost, their mail will be suddenly rejected.
Yup. That's is what happening now already, because of DUL blacklists.
Do you participate in some SourceForge projects? I do. And I painfully noticed that I cannot run those mails through my mail server at home.
Yeah, they could/should use our mailserver, but im just trying to say implementing SPF has a _lot_ of side effects.
Too much, for what I see currently.
Plaintext, you need to use SSL. How do you 'make' them use authentication?
Turn off non-authentificated access.
You dont control if they decide to use the hotspot's email smarthost, or use software that does the delivery itself. If you publish SPF records, then their email will be rejected. Maybe not such a big deal in your case, but im sure we have thousands of customers emailing with our domain name from remote locations not using our mailservers.
That is one problem of the current SPAM. Because legit mail may flow in non-signed and from any host. If anyone would use PGP or S/Mime, there would be no forged senders, if one would use a confirm-style certificate check-in mechanism (like when you join a mailing list that sends back a message to your mail account to verify that a) the address really exists and b) you are the particular person that initiated the join) -- at least not forged in the sense "there is an existing mailbox", as one could allocate easily one at any freemail (web) hoster,
Bye,
-- Steffen Kaiser _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
