spf-discuss
[Top] [All Lists]

Re: the FAQ on (user) forwarding

2004-02-10 12:54:55
On 10 Feb 2004 at 12:17, mw-list-spf-discuss(_at_)csi(_dot_)hu wrote:

In the FAQ for SPF, I see the advice

"|/usr/sbin/sendmail -oi -f nobody(_at_)intermediate-domain(_dot_)com 
foo(_at_)bar(_dot_)com"

for forwarding.  This means that if I send a message to
friend(_at_)intermediate-domain(_dot_)com, it gets forwarded to 
foo(_at_)bar(_dot_)com, but
if the message bounces back from bar.com, it bounces to nobody on
intermediate-domain.com, ie, to /dev/null.  But do not I want to know
about the failed delivery?

This is the advice the FAQ gives when you don't have procmail. If you
have procmail, the "advanced solution" is recommended: "This is better
than the first form, which deletes all bounces, whether or not they'd
cause a loop."

But I think even the advanced solution won't bounce bounces back to
the original sender. But usually this is not the worst of the problems,
because you are supposed to set up the forwarding to an mailbox that
is reachable all the time, so there won't be an "user unknown" bounce
from there. Maybe there could be a bounce of "mailbox full" or something,
but again, this can be solved on the receiving side.

There is no simple solution for handling the bounces with just a few
lines of procmail. That's why comercial forwarding systems will have to
use some kind of "SRS" (sender rewriting scheme) to be able to bounce
bounces back to the originator. You have to know which is the original
sender of the email that bounces. You don't have this information anymore
from the bounces that come back with these procmail or .forward
solutions.

You could try out something similar to the proposed SRS if you are able
to receive emails in the form friend+<something>@intermediate-domain.com
at the same account. You could encode the original sender somehow in the
<something> part and then have extract this information if the bounce
comes back to it. You should be aware of all the security considerations
with this, since without precautions you would end up having an open
relay.

If you know how the bounces can look like from your final destination
you could also try to encode the original sender in other parts of your
email. But this is then much more difficult to extract.

-- 
Ernesto Baschny <ernst(_at_)baschny(_dot_)de>
 http://www.baschny.de - PGP: http://www.baschny.de/pgp.txt
 Sao Paulo/Brasil - Stuttgart/Germany
 Ernst(_at_)IRCnet - ICQ# 2955403

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/spf-draft-20040209.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡


<Prev in Thread] Current Thread [Next in Thread>