-----BEGIN PGP SIGNED MESSAGE-----
On srs-discuss, Johann Steigenberger wrote:
SRS makes a good thing like SPF really useless.
We at UCEPROTECT-Network noticed an increase in spam and
phishing mails claiming to be legal forwarded mail (with SRS) within the
last days. Worst of all, these faked mails were delivered by well known
Investigating this, we found that those providers do not even check for
SPF records and are accepting such crap, but then they are forwarding it
with SRS!!!
They just do an SRS on all forwarded mail, only to have the mails out of
their queue :-(
- From a receiver's POV there is just no meaningful difference between
"forwarding" and "originally sending" mail. Some misguided RFCs and their
advocates may be telling you otherwise, but it just ain't true. Nobody
except the sender can know whether a mail was forwarded or originally sent
by the sending host.
The difference between forwarders rewriting the sender address (using SRS
or other schemes) and forwarders not doing it is that the former accept
responsibility (to their domain) for the mail they send and the latter
don't (blaming responsibility on the supposed original sender domain).
SPF prevents forwarders (and other senders) from blaming responsibility on
Sender rewriting is indeed a good thing for forwarders to do. It does in
no way circumvent SPF, which is not meant as an anti-spam solution, just
as an anti-forgery solution, and SPF-protected domains can't be forged in
the envelope sender, not even using SRS.
It is true that forwarders should do SPF checking, especially those doing
sender rewriting. If they don't, and essentially forward (=send!) any
crap that someone inputs into their system, then they (i.e. their domains)
deserve to get a bad reputation!
You speak of "well known providers". Have you tried contacting them and
telling them that not checking for SPF, spam, etc. when forwarding is
going to discredit their domains?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v188.8.131.52 (GNU/Linux)
-----END PGP SIGNATURE-----
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
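An added example, not part of the original post: a sketch of a forwarder that checks SPF on the incoming envelope sender before it rewrites that sender with SRS and so takes responsibility for the mail. Assumptions: the SPF evaluator covers only the `ip4` and `all` mechanisms, the records, domains and secret are constructed, softfail is still forwarded, and the tag layout (HMAC-SHA1, first four base64 characters) is modeled on common SRS implementations.

```python
import base64, hashlib, hmac, ipaddress

# Constructed SPF records (documentation address ranges); a real forwarder queries DNS.
SPF_RECORDS = {
    "bank.example": "v=spf1 ip4:192.0.2.0/24 -all",
    "lax.example": "v=spf1 ip4:198.51.100.7 ~all",
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
B32 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"

def check_spf(client_ip, domain):
    """Evaluate the ip4 and all mechanisms only (a simplified subset of SPF)."""
    record = SPF_RECORDS.get(domain)
    if record is None:
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        qualifier = term[0] if term[0] in QUALIFIERS else "+"
        mech = term.lstrip("+-~?")
        if mech == "all" or (mech.startswith("ip4:")
                and ip in ipaddress.ip_network(mech[4:], strict=False)):
            return QUALIFIERS[qualifier]
    return "neutral"

def srs_tag(secret, ts, domain, local):
    """Short keyed tag binding timestamp, original domain and original local part."""
    mac = hmac.new(secret, f"{ts}{domain}{local}".lower().encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode()[:4]

def srs_rewrite(sender, forwarder_domain, secret, day):
    """Build SRS0=<tag>=<timestamp>=<orig domain>=<orig local>@<forwarder>."""
    local, domain = sender.rsplit("@", 1)
    ts = B32[(day >> 5) & 31] + B32[day & 31]  # day counter modulo 1024
    return f"SRS0={srs_tag(secret, ts, domain, local)}={ts}={domain}={local}@{forwarder_domain}"

def srs_reverse(address, secret):
    """Return the original sender for a bounce, or None if the tag was not issued by us."""
    _, tag, ts, domain, local = address.rsplit("@", 1)[0].split("=", 4)
    ok = hmac.compare_digest(tag, srs_tag(secret, ts, domain, local))
    return f"{local}@{domain}" if ok else None

def forward(client_ip, mail_from, forwarder_domain, secret, day):
    """Check SPF first; only mail that did not fail is re-sent under our own domain."""
    if check_spf(client_ip, mail_from.rsplit("@", 1)[1]) == "fail":
        return ("reject", None)
    return ("forward", srs_rewrite(mail_from, forwarder_domain, secret, day))
```

With this order of operations, a message forging an SPF-protected domain from an unauthorized host is refused at the forwarder and never leaves under the forwarder's rewritten address.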