On Monday 24 July 2006 15:24, Marc Perkel took the opportunity to write: > Except = SPF breaks email forwarding. It requires that the world change > how email is forwarded and that's not going to happen. Thus if a bank > has a hard fail and someone with an account on my server gets email from > an account that is forwarded then my server sees the email as coming > from an illegitimate source.
Not entirely true. It requires you to make exceptions for mail forwarded from
those of your users' accounts elsewhere where SRS is not yet employed (which
is not trivial, I must admit, but not impossible either) before enforcing
such hardfails. The users must know where they are forwarding mail from and
to. If mail comes any other way it's illegitimate, or at least
indistinguishable from illegitimate mail.
The problem is, of course, that it's generally not possible to know all
outgoing MTAs of a domain, unless that domain also uses SPF, and in that case
they also ought to know about SRS.
If the intermediate system adds a Resent-From: header it also helps. Spammers
can't know all the ways people forward mail.
--
Magnus Holmgren [EMAIL PROTECTED]
(No Cc of list mail needed, thanks)
pgpa22aXIP2NF.pgp
Description: PGP signature
