On Tue, Jul 23, 2013 at 2:49 PM, Chris Angelico <ros...@gmail.com> wrote:
> Ah, there's a solution to this one. You simply use your own > envelope-from address; SPF shouldn't be being checked for the From: > header. Forwarding and using the original sender's address in the SMTP > 'MAIL FROM' command is forging mail from them, so it is correct for > that to be thrown out. The mail is coming from your own account, so > you put your address in it, and you might even be able to put an > uber-strict SPF record like "v=spf1 ip4:1.2.3.4 -all" which is quick > to process and guarantees that nobody can pretend to forward mail on > your behalf. The checks are for the *current connection*, not anything > earlier. > > ChrisA > Bit Late, but do check out http://www.openspf.org/FAQ/Forwarding Forwarding does get broken, but a partial solution in whitelisting is there, though too manual & therefore cumbersome. Another option http://www.openspf.org/SRS is there to be worked in conjunction with spf. There is a best spf practices guide on the site. And all this email authentication issue given on openspf.org makes an interesting read. Ciao. Sanjay.
-- http://mail.python.org/mailman/listinfo/python-list