spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: .forward issues

2003-10-22 12:21:34
from [Phil White] [Permanent Link] 
On Tuesday 21 October 2003 20:04, Izzy Kindred wrote:


      The message now arrives at b.com, and is forwarded as follows:

------
Return-Path: b(_at_)b(_dot_)com (or should this be 
bounce-manager(_at_)b(_dot_)com?)
From: a(_at_)a(_dot_)com
To: c(_at_)c(_dot_)com
Spf-Forward: <forward-count> b(_at_)b(_dot_)com c(_at_)c(_dot_)com <hmac-sha1 
hash>
------


This may work, but I am not sure it is the right way of doing things.

I suspect that final RFC ratification will be influenced mainly by ISP/Network 
type people, rather than end users. And there are two very different 
requirements from each camp.

The above addition of headers may give a traceability, and lots of other bells 
& whistles, but the admin of an MTA is opnly interested in 1 thing - 
delivering legitimate email. Spam, worms/viri etc from forged and 
non-existant addresses should be IMMEDIATELY rejected, not bounced, by 
issuing a 5xx response at the DATA command. A forged email is simply not 
allowed onto my server. Spam is not only getting more numerous, it is also 
getting more bulky. Once it is on any system, it is too late - and to have to 
wait until the whole message is received, simply to validate the header, is 
wasteful - especially as the mail will probably be resent at a later date.

Which leaves the rewriting of the envelope sender as the most effective way of 
dealing with the problem. mail can be rejected before it has been submitted.

Even though persuading forwarders to rewrite the envelope-sender may be a 
problem, I think eventually most MTA admins will 'come round' to the idea 
_IF_ they can see the bandwidth reduction as a real benefit. Coupling this 
with a modification of existing RFC to allow HELO verification & rejection 
provides a simplicity and effective solution to our problems.


-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.txt
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: report from ISPcon, Jesus Duarte
Next by Date:  Re: report from ISPcon, Andrew Boling
Previous by Thread:  Re: .forward issues, Izzy Kindred
Next by Thread:  RE: .forward issues, Roy Badami
Indexes:  [Date] [Thread] [Top] [All Lists]