At 8:34 PM -0800 1/30/06, Douglas Campbell wrote:
> Claus Assman said:
> So why don't the major MTA distros do this?
> man forward
> Claus,
> Here is the result:
> C:\Documents and Settings\admin>man forward
> 'man' is not recognized as an internal or external command,
> operable program or batch file.
> and
> [root(_at_)mooncake ~] man forward
> No manual entry for forward
> Seriously, if I interpret your two words accurately, you
> are saying that SPF breaks forwarding (and aliasing)
> to foreign e-mail addresses. But does it?
Yes. This is a well-known problem with SPF. Meng Weng Wong devised a
mechanism called SRS so that forwarders could *change* how they do
forwarding and not break SPF. SRS has not been widely adopted.
Unfortunately, forwarders do indeed *need* to change their behavior
if they wish to avoid breaking SPF, but few have bothered to do so,
as apparently they don't much care about whether SPF works.
> What should the RCPT FROM be when an e-mail
> is forwarded?
"Should" is a loaded term.
What it *is and always has been* for functional forwarding systems is
the original value, unmodified by the forwarder.
> The original foreign sender or the local user
> of the forward database?
That latter would be a very bad idea. A far worse idea than the
people devising SPF managed to come up with, and theirs is a mess.
The primary function of the envelope sender is as a return path:
where to send notices of transport and delivery status, including
bounces. If you change that to an address which was originally a
target of the message, any DSN will loop rather than go back to the
actual sender.
SRS addresses that, but it demands more of forwarders than I think
they can be expected to do reliably. Call me cynical.
> In other words, if I forward e-mail,
> shouldn't the envelope and headers change to reflect that I
> forwarded?
Headers? Maybe added to, but existing headers should not get changed.
Envelope sender? No, at least not according to any existing practice
in broad deployment that is not known to be harmful.
In the best possible mail transport world, there might be no
forwarding or forwarders would have a standard mechanism for
modifying the envelope to indicate a chain of responsibility in a
trustworthy and secure manner. We don't live in that world. We
actually have decades of habits and standard practices that work, but
imply a trust of others which no longer is based in reality. SPF has
provided a demonstration that breaking widespread practices (whether
they "should" exist in the modern world or not) is a path to
footnotehood.
> An MTA that does this appears to be
> SPF-friendly. Actually, it appears that an MTA called
> "qmail" does this, judging by the top results in a
> google search for "forward man page".
You have not done your research adequately. Sendmail remains the
dominant MTA and mail tool suite, while qmail is abandonware. On many
Unix and Unix-like systems, 'man forward' will show you something
like the page at
http://www.rahul.net/cgi-bin/userbin/man?topic=aliases&section=5
although that looks suspiciously like the Solaris page and has hints
of Sun in it. I see that the most current Sendmail has demoted
mention of the .forward file to the body of the aliases man page
rather than as another name for that page.
> The sendmail
> version seems more capable, but the example uses a
> pipe to the "vacation" program, use of which I
> understand to be bad etiquette.
I disagree. Many programs (including MS Exchange) that try to do the
same thing as 'vacation' do so quite poorly without considering any
edge cases and demonstrate the truth that egotism and coding don't
mix well. Anyone can use the concepts and even the code in Sendmail's
vacation program, but many who should have done so have chosen not to
and make their software a public nuisance.
Even if you think using vacation per se is a bad thing, I'm not sure
how that is relevant. The example in Sun's aliases man page is there
to show how one would use the .forward file (one place Sendmail looks
for forwarding information) to pipe mail into a program, and the fact
that it happens to be 'vacation' is trivial.
> forward under sendmail also states
> nothing about modifications of the envelope and
> headers; therefore I must assume that sendmail keeps
> them intact. But why? I'm trying to understand
> history, in an effort not to repeat it.
You would do well to do your research first rather than state what
you believe should be as if it is fact.
--
Bill Cole
bill(_at_)scconsult(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
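
The forwarding problem and the SRS-style rewrite discussed in the message above, as an added Python example that is not part of the original thread. The domains, IP addresses, SPF table and function names are constructed for illustration, and the tag and timestamp encoding is a simplification of the SRS0 address form, not an interoperable SRS implementation.

```python
import base64, hashlib, hmac, time

# Constructed SPF policy table: domain -> IPs allowed to send mail with that
# envelope-sender domain (stands in for the DNS TXT lookups a receiver does).
SPF = {
    "sender.example": {"192.0.2.10"},
    "forwarder.example": {"198.51.100.20"},
}

def spf_check(envelope_sender, client_ip):
    """Return 'pass' or 'fail' for the envelope-sender domain vs. connecting IP."""
    domain = envelope_sender.rsplit("@", 1)[1]
    return "pass" if client_ip in SPF.get(domain, set()) else "fail"

def _tag(secret, *parts):
    # Short keyed hash so only the forwarder can mint valid rewritten addresses.
    mac = hmac.new(secret, "=".join(parts).lower().encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode()[:4]

def srs_forward(envelope_sender, forwarder_domain, secret, now=None):
    """Rewrite the return path into the forwarder's own domain (SRS0 form)."""
    local, domain = envelope_sender.rsplit("@", 1)
    day = int((time.time() if now is None else now) // 86400) % 1024
    ts = format(day, "03x")  # simplified day stamp (assumption of this example)
    tag = _tag(secret, ts, domain, local)
    return f"SRS0={tag}={ts}={domain}={local}@{forwarder_domain}"

def srs_reverse(address, secret):
    """Recover the original sender for a bounce, or None if the tag is invalid."""
    local_part = address.rsplit("@", 1)[0]
    if not local_part.startswith("SRS0="):
        return None
    try:
        tag, ts, domain, local = local_part[5:].split("=", 3)
    except ValueError:
        return None
    expected = _tag(secret, ts, domain, local)
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return None  # forged or altered: refuse to relay the bounce
    return f"{local}@{domain}"  # expiry check on ts omitted in this example
```

With the envelope sender left unmodified, the forwarder's IP fails the original domain's SPF policy; after the rewrite it is checked against the forwarder's own policy, and a DSN sent to the rewritten address is mapped back to the actual sender rather than looping.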