On Fri, Dec 12, 2003 at 01:29:43PM -0800, Ned Harvey wrote:
| Ok, so I understood it correctly from the start then. Under SPF, the
receiver's mailserver has to know the IP address that the message came from.
But it doesn't. It only knows the last relay that hands the message over.
I believe the confusion in this thread arises from Ned Harvey's
assumption that SPF is executed at MDA time, rather than at MTA time.
With reference to section 2.1 of
http://www.ietf.org/internet-drafts/draft-crocker-spam-techconsider-02.txt,
SPF operates best at MTA.i and at MTA.r, and with some difficulty at UA.r.
If the relay that hands the message over to the current MTA is a trusted
relay within the same administrative domain, then SPF does not apply;
an earlier, outward-facing relay should have applied SPF checks.
If the last relay that hands the message over to the current MTA is not
trusted, then SPF does apply.
Therefore organizations like Pobox.com have to perform sender rewriting.
They have no choice: as a forwarding service, they are caught in the
middle, and SPF squeezes them from both ends.
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.3.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#�«Mo\¯HÝÜîU;±¤Ö¤Íµø�?¡