Matt Kettler wrote:
Marc Perkel wrote:
Agreed Phil
True - SPF his hopelessly broken and must die.
Repeat after me SPF breaks email forwarding. SRS breaks the ability to
do conditionals based on the true from address. SPF blocks no spam but
it does create false positives on legitimate email. It's a technology
that has no up side at all and a severe down side.
Mark, SPF isn't an anti-spam technology. Anyone who says it is, is an
imbecile. SPF is an anti-forgery technology. Those who continue to think
of SPF purely as a spam control technology are doomed to be disappointed
and/or endlessly make posts like "SPF can be evaded by spammers, they
just publish their own SPF". Duh.
It's anti spam technology. The reason people use it is because spammers
are forging email addresses.
That said, your comment about blocking no spam is pure horsehockey. I
have plenty of spam matching SPF_FAIL and SPF_SOFTFAIL.
I've also have had no FPs from SPF, except websites like hire.net that
insist upon forging my domain as the envelope sender when generating
emails to my HR staff. Actually, MAIL FROM, RCPT TO, From: and To: are
all identical. Brilliant.
Yep - they are using "normal" email technology. That's supposed to work.
That's what SPF breaks. It also breaks email forwarding.
And SRS does not break the ability to do conditionals, because the true
envelope from address is still a part of the rewritten envelope from.
You just need to make your conditionals match the SRS version.
You have to rewrite all your conditionals to support the broken technology.
