On Mon, 26 Jan 2004, Julian Mehnle wrote:
: > 1. User is on a mailing list, which (properly) sets Sender: to the
: > mailing list return path address.
: >
: > 2. The address subscribed to the list is a pobox.com address, or that of
: > some other aliasing service, which rewrites the envelope a la SRS.
: >
: > 3. The received mail at the destination mailbox flags your check.
: >
: > Sender: != return path (envelope). Please do not equate them, or even
: > cosider them to be related; they're not.
:
: Why not?
Well, you didn't finish the detailed explanation. Here goes:
: B. Pobox user *receives from* mailing list
:
: 1. Other subscriber sends to mailing list:
:
: MAIL FROM: other(_at_)subscriber(_dot_)tld
: ( Sender: would be the same as From:, so not included )
: From: other(_at_)subscriber(_dot_)tld
: To: mailing(_at_)list(_dot_)tld
:
: 2. Mailing list forwards to Pobox user:
:
: MAIL FROM: mailing(_at_)list(_dot_)tld (or SRS equivalent)
: Sender: mailing(_at_)list(_dot_)tld (or SRS equivalent)
: From: other(_at_)subscriber(_dot_)tld
: To: user(_at_)pobox(_dot_)com
You missed the next step.
3. Pobox rewrites envelope to be SPF compliant and relays to next address.
MAIL FROM: mailing(_at_)úÚ×$6ª0ØÃkâD?¹Û�?�?{?Ä�Ã
(RCPT TO: poboxuser(_at_)someotherdomain(_dot_)tld)
Sender: mailing(_at_)list(_dot_)tld
From: other(_at_)subscriber(_dot_)tld
To: user(_at_)pobox(_dot_)com
No match on headers. This would be flagged as bad by the envelope-to-header
check.
: Mail-Followup-To: mailing(_at_)list(_dot_)tld
: Instead of "Mail-Followup-To"[1], "Reply-To" might be used, but I think
: DJB's proposal is right.
:
: What's wrong with that?
:
: [1] http://cr.yp.to/proto/replyto.html
It's unrelated to SRS or SPF and must not be considered authoritative sender
information. That's wrong, and many mailing lists are *deliberately* set up
not to have Reply-To set to the list. Hence I've elided that from your
expanded example above.
--
-- Todd Vierling <tv(_at_)duh(_dot_)org> <tv(_at_)pobox(_dot_)com>
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
Wiki:
http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/HomePage
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#�«Mo\¯HÝÜîU;±¤Ö¤Íµø�?¡