Re: General Status of SPF


On Feb 26, 2004, at 13:54, David Woodhouse wrote:

Similar logic applies to my decision whether to publish SPF records for
my domains. If I publish records, then my users may not be able to send

mail to third parties who, in accordance with well-establishedpractice,

forward their mail from some virtual domain or forwarding account to
their 'actual' current email address.


David,

Forgive my ignorance but my reading of the SPF spec says thatpublishing an SPF record does not have this kind of side affect. Peoplewho require forwarding to a vanity domain have the choice to use SPF ornot at their email destination. That your publishing the SPF record foryour domain does not preclude the forward. In other words, a differentenvelope sender is used by the forwarding host. And the user requiringforwarding needs to either not use SPF checking or whitelist his/herforwarder or implement something like SRS to reliably allow thistransaction. Not advertising your preferred senders appears to hurt youand your users with the dubious result of maybe helping email providersthat cannot implement a proper SPF check or policy.

This looks like a non-problem. The recipient is choosing to use an SPFrecord without using a forwarding mechanism to protect his/her ownmail. Is that really your problem? If you asked your users if theywould prefer that you protect this class of users at another ISP at theexpense of allowing joe-jobbers, et. al., would they really agree withyou? In my very small community mail service, I cannot imagine that oneof my users would prefer that I protect the ability of an external toour community user's ability to poorly use SPF and accept joe-jobbingas the consequence.

Finally, I thought that the idea of enforcing SPF incrementallyallowed these vanity domains and forwarded services to learn how to useSPF correctly? That there is only a win-win in starting to help SMTPgain sender authentication?


Andrew

____________________________________
Andrew W. Donoho
awd(_at_)DDG(_dot_)com, PGP Key ID: 0x81D0F250
+1 (512) 453-6652 (o), +1 (512) 750-7596 (m)

<Prev in Thread]	Current Thread	[Next in Thread>
General Status of SPF, Laszlo Toth Re: General Status of SPF, David Woodhouse Re: General Status of SPF, Za'mbori, Zolta'n Re: General Status of SPF, Dan Boresjo Re: General Status of SPF, Andrew W . Donoho <= Re: General Status of SPF, David Woodhouse Re: General Status of SPF, Meng Weng Wong Re: General Status of SPF, Andrew W . Donoho Re: General Status of SPF, Theo Schlossnagle Re: General Status of SPF, David Woodhouse Re: General Status of SPF, Alex van den Bogaerdt Message not available Re: General Status of SPF, Alex van den Bogaerdt Re: General Status of SPF, Dustin D. Trammell Re: General Status of SPF, Meng Weng Wong Re: General Status of SPF (forwarding and rewriting), Za'mbori, Zolta'n