spf-discuss

Re: Please stop publishing -all it is NOT time yet

2004-06-14 04:48:39
Roger Moser wrote:
Teddy wrote:

By signing sender address. Could you please explain that exactly? Is it
possible with normal Outlook, Mozilla-Mail, Entourage, and all the other
programs?


Your clients send their mails through an SMTP gateway on your server and you
add the signature to the envelope sender.
To sign the envelope sender, add a timestamp to the email address and then
compute a SHA1 (recommended) or MD5 digest of the email address including
the timestamp, and also add the digest. When you receive a bounced mail
check the signature of the recipient's email address.

For example if your client Hans Meier sends mail saying "MAIL FROM:
Hans.Meier@guetsli.ch" through your server, then you add a signature like
this: "MAIL FROM: SES0-g7KA-6G-Hans.Meier@guetsli.ch".
Then reject bounced mail that says only "RCPT TO: Hans.Meier@guetsli.ch".

I have to think about that again. It seems to be a solution. But I have some very special configurations (also because of my clients). And anyway, this does not really solve the problem. It is only handled with a high effort automatically.

BTW is there an exact description of this SES?

By the way, I (as provider) am not allowed to modify the message by law,
except to add a Received header.

You don't have to modify the message. You only add something to the envelope
sender (MAIL FROM:).

BTW. On your web site you offer to your clients that they can have their
mail forwarded to another address ("On request, you can have your e-mails
forwarded to another e-mail address"). What did you do in order
to prevent that mail forwarded by your server is not rejected by a receiver
using SPF?

I'm implementing SRS (not yet working). But this has not a very high priority, because only very, very few (and private) clients are using this forwarding service and until now no one of the final recipients checks SPF.

Teddy
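
The envelope-sender signing described in the quoted reply above, as an added example that is not part of the thread and is not the SES specification. The field layout (`SES0-<digest>-<day>-<address>`), the 14-day acceptance window and the use of a server-side secret with HMAC-SHA1 in place of a bare SHA1 digest are assumptions made for this example.

```python
import base64
import hashlib
import hmac

PREFIX = "SES0"      # label taken from the post; the field layout is assumed
MAX_AGE_DAYS = 14    # assumed window in which bounces are still accepted


def _tag(secret: bytes, address: str, day: int) -> str:
    # Keyed digest over timestamp + address. A bare SHA1 without a secret
    # could be recomputed by anyone, so HMAC-SHA1 is used here (assumption).
    msg = f"{day}:{address.lower()}".encode()
    mac = hmac.new(secret, msg, hashlib.sha1).digest()
    return base64.b32encode(mac[:5]).decode()  # 5 bytes -> 8 chars, no padding


def sign_sender(secret: bytes, address: str, now: float) -> str:
    """Return the signed envelope sender to put in MAIL FROM."""
    day = int(now // 86400)
    return f"{PREFIX}-{_tag(secret, address, day)}-{day}-{address}"


def check_bounce_rcpt(secret: bytes, rcpt: str, now: float):
    """Return the original address if rcpt is validly signed and fresh, else None."""
    parts = rcpt.split("-", 3)  # the local part may itself contain '-'
    if len(parts) != 4 or parts[0].upper() != PREFIX or not parts[2].isdecimal():
        return None  # unsigned or malformed recipient: reject the bounce
    _, tag, day_s, address = parts
    day = int(day_s)
    age = int(now // 86400) - day
    if age < 0 or age > MAX_AGE_DAYS:
        return None  # expired or future-dated signature
    expected = _tag(secret, address, day).encode()
    if not hmac.compare_digest(tag.upper().encode(), expected):
        return None  # digest mismatch: forged or altered address
    return address
```
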