spf-discuss

Re: let's get rid of SRS

2004-05-19 12:21:13
On Wed, 2004-05-19 at 13:49, Daniel Taylor wrote:
> "The forwarding problem" isn't much of a problem at all as I see it.
>
> Forwarders _should_ set the envelope From to be the address doing the
> forwarding (as would happen if you forwarded using procmail instead
> of a .forward file). Mailing list software already does this, which
> is why SPF isn't a problem for mailing list providers.
>
> The main trouble is forwarders dealing with rejects and bounces, for
> which local solutions should be adequate. SRS can be used as such a
> solution, or simply maintain the connection if it is a forwarded address
> and attempt delivery before accepting for delivery. I imagine that there
> are many potential solutions that elude my meager abilities to conceive
> of yet.

Hrm... this active forwarding rather than store-and-forward doesn't
sound like a half bad idea to discuss...  What if a forwarder received
envelope information from a client, then opened a new connection to the
forwarding address's recipient mail server with a new envelope.  If for
some reason that fails, a temporary failure or reject (depends on the
case) could be generated for the client.  If that connection succeeds,
the forwarding mail server gives the client the OK in response to the
envelope info and the client goes ahead with DATA.  The forwarder would
then send that data through to the recipient server.  The only problem
with this that I can see is some potential latency which would grow
exponentially with every forwarding hop, and the possible ability to
detect which addresses are forwarded based on this latency.  In this
scenario, if the recipient server rejects, there is no bounce, the
forwarding server immediately rejects the sending client.  If the
recipient server accepts the message, and then it must bounce later, the
forwarding server would still have to handle it based on its new,
proper envelope it used with the recipient server.  Can anyone think of
a way that an 'active forwarding' scenario like this could handle this
condition?  How often would a final destination recipient server accept
a message and then bounce it?

-- 
Dustin D. Trammell
Vulnerability Remediation Alchemist
Citadel Security Software, Inc.
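
The active-forwarding exchange described in the message above, as an added example that is not part of the original post: an in-process model (no network I/O) in which the forwarder answers the client's RCPT TO only after offering a rewritten envelope to the recipient server. The class names, addresses, reply texts and the 250/451/550 mapping are assumptions made for illustration.

```python
# Added illustration: in-process model of "active forwarding" (no real SMTP).
# All names, addresses and reply texts are constructed for this example.

class StubServer:
    """Stands in for the final recipient's mail server."""
    def __init__(self, known_users, reachable=True):
        self.known_users = set(known_users)
        self.reachable = reachable
        self.envelopes = []  # (mail_from, rcpt_to) pairs it was offered

    def envelope(self, mail_from, rcpt_to):
        if not self.reachable:
            raise ConnectionError("recipient server unreachable")
        self.envelopes.append((mail_from, rcpt_to))
        return 250 if rcpt_to in self.known_users else 550


class ActiveForwarder:
    """Replies to the client's envelope only after trying the next hop."""
    def __init__(self, forwards, upstream, bounce_addr):
        self.forwards = forwards        # local alias -> final address
        self.upstream = upstream
        self.bounce_addr = bounce_addr  # forwarder's own envelope sender

    def rcpt(self, client_mail_from, rcpt_to):
        target = self.forwards.get(rcpt_to)
        if target is None:
            return 550, "no such user"
        try:
            # New envelope: the forwarder, not client_mail_from, is MAIL FROM,
            # so SPF at the recipient server is checked against the forwarder.
            # A bounce generated after acceptance would arrive at bounce_addr;
            # this model does not route it further (the open question above).
            code = self.upstream.envelope(self.bounce_addr, target)
        except ConnectionError:
            return 451, "next hop unavailable, try again later"
        if code >= 500:
            return 550, "rejected by forwarding destination"  # no bounce made
        if code >= 400:
            return 451, "forwarding destination deferred"
        return 250, "ok, send DATA"


def demo(known_users=("user@final.example",), reachable=True):
    upstream = StubServer(known_users, reachable)
    fwd = ActiveForwarder({"alias@forwarder.example": "user@final.example"},
                          upstream, "fwd-bounces@forwarder.example")
    reply = fwd.rcpt("sender@origin.example", "alias@forwarder.example")
    return reply, upstream.envelopes
```
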

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/spf-draft-200405.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/

