On Tue, 5 Jul 2005, David Woodhouse wrote:
On Tue, 2005-07-05 at 09:53 -0400, Stuart D. Gathman wrote:
Any recipient who rejects your mail because they forwarded it
somewhere else first is badly broken.
You still seem confused. The recipient didn't forward the mail. The
forwarder did. This involves three (or more) entirely separate
administration domains.
The "recipient" is the address in the SMTP RCPT TO field.
Are you saying that such broken recipients exist now? What is an
example of such a broken domain?
Anyone rejecting mail for an SPF failure when they can't guarantee that
there are _no_ unknown forwarding hosts is such a broken recipient.
Which is why I said that SPF is fine for trivial toy domains, but it
doesn't really work in the real world in general.
I think we have found a common page. I can agree with the above statement,
however, my perspective is different. I consider all the "toy" domains
with a handful of users to be the "real world". Email from gigantic ISPs
like AOL, Yahoo, and MSN, on the other hand, is from "toy users" who rarely
have any serious business to conduct, but like to send jokes and funny video
clips. So there :-)
So we all agree that rejecting on fail is incorrect when you have no
control over your forwarders. Getting control is currently too expensive
for giant ISPs, and therefore they should not be rejecting on SPF fail.
(Insert discussion of MS starting to reject on lack of Sender-ID
come November.)
The disagreement is whether giant ISPs not rejecting on SPF fail
renders SPF "useless". Frankly, as long as the giant ISP sends
real RFC compliant DSNs (with empty mail from) that my SRS/SES/BATV encoding
can ignore, it is their problem, and I couldn't care less. It is somewhat
helpful if the giant ISP at least publishes SPF records - which is easier
for them to do. SPF continues to work great for the vast majority of domains
(if not necessarily the majority of email users).
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.