spf-discuss
[Top] [All Lists]

Re: SRS question

2004-04-21 12:54:13
Paul Howarth wrote:
On Wed, 2004-04-21 at 20:17, Daniel Taylor wrote:

So, for exapmle, say I have a forwarding account at 
dtaylor(_at_)example(_dot_)com
that forwards to my work e-mail (the one you see). fred(_at_)example(_dot_)net sends me an e-mail using my example.com address so I would like to
see the following:

(incoming to example.com)
ENV FROM fred(_at_)example(_dot_)net
From: fred(_at_)example(_dot_)net
[other headers irrelevant to example]

(incoming to vocalabs.com)
ENV FROM dtaylor(_at_)example(_dot_)com
From: fred(_at_)example(_dot_)net


This preserves the _meaning_ of the ENV FROM, passes forwarding information forward, and only involves trusting the most recent hop.

So, am I full of it here, or is this doable?


Sounds reasonable at first but supposing there was a delivery problem
with your work address that resulted in a bounce. That would go to
dtaylor(_at_)example(_dot_)com, which would try to forward to your work 
address...

Isn't this already a problem?
Say someone tries sending me a spam with a forged ENV FROM of myself to
dtaylor(_at_)example(_dot_)com(_dot_) example.com doesn't have SPF setup yet, 
or at least
isn't hardfailing because they forward from everywhere, so we have the exact same problem right now.

I thought that MTA's already had special code to detect mail loops.
Of course, if you were rewriting the envelope from, you would probably
track the old ones in the Received: headers, so the bounce could propogate back to the origin. Probably even better to keep a local
database of forwards to roll the bounces back.


--
Daniel Taylor          VP Operations            Vocal Laboratories, Inc.
dtaylor(_at_)vocalabs(_dot_)com   http://www.vocalabs.com/        
(952)941-6580x203


<Prev in Thread] Current Thread [Next in Thread>