fetchmail-friends
[Top] [All Lists]

Re: [fetchmail]Does SPF break fetchmail?

2005-07-08 13:12:08
On Fri, 8 Jul 2005, James Knott wrote:
Neil Harkins wrote:
Hi. I used fetchmail for a few projects over the past 10 years,
and was curious how it deals with SPF (Sender Policy Framework,
http://spf.pobox.com). 

If fetchmail retrieves a remote message, then resubmits it locally 
on port 25 with the original sender on the envelope, those messages
would be blocked if the local server is enforcing SPF, because the
local machine's ip isn't listed as a valid sender for the domain
which originally sent the mail. :(

I belief SPF looks at the originating host IP, not that of a host allong
the route, that handled the message.  For example, in looking at the
headers of your message, I can see that the originating IP is
192.190.237.112, which is not the address of my ISP or my IMAP server.

Headers are easy to spoof, thus worthless (for validating emails).

If your ISP were using SPF, it would validate that the client IP 
of that smtp connection is one that is listed as valid for the 
domain I'm using in the sender email address on the envelope. 

SPF assumes participants are directly connected to Internet, 
not using store-and-forward through 3rd parties. 

-neil