spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Dealing with "legitimate" forgers

2004-07-11 10:11:38
from [Jeffrey Goldberg] [Permanent Link]
A number of businesses will "legitimately" counterfeit mail from their customers. One example is Federal Express which may send email to the recipient of a package on "behalf of" and forged in the name of the customer sending the package.
Other sorts of services routinely send out "invitations" or the like in the name (and address) of the user.
Now I'm sure that most of us agree that that is a bad practice that will have to come to an end. But has anyone had any luck contacting such sites and persuading them to change their policies?
I have a client who regularly uses FedEx for shipping. While I can certainly add 
something like

   ?a:fedex-outgoing-servers/24

to my client's SPF record, I would prefer not to do so.

-j

--
Jeffrey Goldberg                        http://www.goldmark.org/jeff/
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Shortcuts to current mechanisms defined in RFC ?, Andrew G. Tereschenko
Next by Date:  Re: Additional security considerations, Jim Paris
Previous by Thread:  spf command-line query utility?, Nick Bartos
Next by Thread:  Re: Dealing with "legitimate" forgers, Chris Drake
Indexes:  [Date] [Thread] [Top] [All Lists]