-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of Barry
Margolin
Sent: Saturday, August 21, 2004 4:02 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: [spf-discuss] Email forwarding w/o submission service
My college alumni association provides an email forwarding service: any
alumnus can get a <user>@alum.mit.edu address that forwards to their
real email service. However, they don't provide a mail submission
service -- you still have to send your mail out through whatever SMTP
server you would normally use.
How is this supposed to work with SPF? The answers in the FAQ all seem
to be about services like pobox.com, which also provide submission
services. There's no way for MIT to list all the possible mail servers
that will send out mail from <user>@alum.mit.edu. I guess this means
they'll have to leave the domain unprotected, which means that spammers
are free to forge alum.mit.edu addresses.
So far it seems that the answer that has been given is that SPF won't work
in this situation.
I'm not sure that's entirely true. Couldn't they use exists: and a custom
DNS setup to define per user policies?
The specs allow for this capability. Has anyone tried this yet? Generally,
the references to exists: that I've seen on these lists refer to using it to
collect data.
While the effort involved in setting something like this up would be
significant, I'm guessing that there may be a few people with alum.mit.edu
with some technical background. ;) If they could implement this approach and
share their results, it may well be a significant contribution to the
community.
Scott Kitterman