RE: MX secondary problem?

On Wed, 14 Jul 2004, Ryan Malayter wrote:

If they don't do it well, I imagine I'll have to put SPF+SRS on the
secondary, or implement a "check trusted received header" scheme as
Stuart suggests.


You don't have to put SRS on the secondary, just SPF.  Treat the secondary
as a whitelisted trusted forwarder so that you skip SPF on the primary
for mail coming from your (authorized) secondaries.

This seems to work the best in practice.  I don't recommend the
trusted 'Received' header solution because you end up not being 
able to reject the forgeries before DATA.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

<Prev in Thread]	Current Thread	[Next in Thread>
MX secondary problem?, Dennis Carr Re: MX secondary problem?, Mark Lentczner Re: MX secondary problem?, wayne Re: MX secondary problem?, Koen Martens Re: MX secondary problem?, Ralf Doeblitz RE: MX secondary problem?, Ryan Malayter Re: MX secondary problem?, Mark Lentczner Re: MX secondary problem?, Stuart D. Gathman AOL & ".vacation" forwarding ?, Chris Drake RE: MX secondary problem?, Ryan Malayter RE: MX secondary problem?, Stuart D. Gathman <=

Previous by Date:	Re: Citibank, Stuart D. Gathman
Next by Date:	Re: fair chance?, wayne
Previous by Thread:	RE: MX secondary problem?, Ryan Malayter
Next by Thread:	SPF TXT to English?, Paul Bissex
Indexes:	[Date] [Thread] [Top] [All Lists]