-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
wayne writes:
In
<0A78B84D9FDBFE41A53D4389657AACA0BB4E89(_at_)radon(_dot_)vidius(_dot_)co(_dot_)il>
"Arik Baratz" <arikb(_at_)vidius(_dot_)co(_dot_)il> writes:
Well, I was geared towards doing just that, but I didn't get a single report
of an MTA's non-compliance yet.
IIRC, Justin Mason said that fetchmail can mess things up.
Yep. here's the timeline of how this can happen:
- - message hits a mailing list app which records the original
envelope-from in an "X-Sender" header, e.g. ezmlm.
- - ezmlm resends message with new envelope-from.
- - delivered to recipient, with headers like:
Return-Path: <ezmlm-env-from(_at_)example(_dot_)com>
Received: ... [IP of list server]
X-Sender: <original-env-from(_at_)example(_dot_)com>
Received: ... [IP of original sender]
Received: ...
From: ...
Subject: ... etc.
- - fetchmail then downloads the message, and looks for an env-from to use
when it resends it. It picks the X-Sender header over the
Return-Path, unfortunately. There's the error...
- - this results in:
Return-Path: <original-env-from(_at_)example(_dot_)com>
Received: ... [IP of list server]
X-Sender: <original-env-from(_at_)example(_dot_)com>
Received: ... [IP of original sender]
Received: ...
From: ...
Subject: ... etc.
- - == SPF fail, because 'IP of list server' isn't permitted for
'original-env-from(_at_)example(_dot_)com'.
The way to avoid that: skip messages where 'X-Sender' appears, and
Received contains 'fetchmail'.
- --j.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Exmh CVS
iD8DBQFAHsB+QTcbUG5Y7woRAmdYAKCjC8RVQoabqr8WYpYkjCXDpqO8fwCcCGBg
Mo7twLY2ylVj5tWZ/O6QMDc=
=vsxN
-----END PGP SIGNATURE-----
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.5.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡