This is a cryptographically signed message in MIME format.
Greg Connor wrote:
--"Stuart D. Gathman" <stuart(_at_)bmsi(_dot_)com> wrote:
It should not SRS encode mail that is simply getting
relayed.
Forgive me if this is a stupid question, but why not?
The secondary has to be checking SPF coming in, right? If it does not
use SRS then you have to white-list the secondary, because your
secondary is not an authorized sender for all incoming mail from all
domains, and if they don't check SPF forgeries would not be stopped.
This is the reason that Mail::SPF::Query returns 'pass' when mail is
coming from a secondary.
As has been said many times before, your secondaries must perform the
same security checks as you do -- otherwise the attacker will use the
weaker path.
Philip
--
Philip Gladstone
* Check out the live pondcam at http://pond.gladstonefamily.net