On Wed, 6 Jul 2005, Dick St.Peters wrote:
You seem to understand the problem, but what makes you claim this
forwarding is "wrong"? RFC2821 explicitly permits it.
That RFC even describes it as common, and it's a lot more common than
most people on this list seem to realize, especially this time of year
when thousands of university students have their school address
forwarded to their home address or some temporary summer address.
It is not wrong, and also not problem with SPF unless all of the following are
true:
1) the target checks SPF
2) the target reject SPF failures
3) the target doesn't know who forwards to it, and doesn't whitelist them
4) the forwarder doesn't use their own MAIL FROM (e.g. SRS)
As a forwarder, you don't have to do anything unless one of your targets
starts doing 1, 2 and 3. Those targets are wrong - they should not be
rejecting when they can't list forwarders. However, you have to keep
the mail flowing, so in that case, you can compensate for their mistake
by using your own MAIL FROM via SRS or whatever for those targets (to avoid
side effects with targets that don't need it).
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.