spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Sendmail white paper, SRS, and forwarding

2004-11-20 09:48:23
from [Michael Weiner] [Permanent Link] 
On Sat, 2004-11-20 at 11:37 -0500, Meng Weng Wong wrote:

As a sender with -all, have you seen any bounces due to
forwarding?


Honestly, if any mails bounce, i probably DO NOT want it in my network
anyway. But no, not really, as most of the forwarders i receive mail
from are doing SPF and other magic in the background. I have not noticed
a significant increase in rejections based on the -all.


Godaddy.com is now rejecting on -all, which got them
applause at the FTC conference.  But they're bearing a
certain customer support burden.

It's actually easier for forwarders to honour a -all, under
the assumption that forwarding to a forwarder is an order of
magnitude less common than single-hop forwarding.


Agreed.


I'm doing -all too.  Keep in mind that whitepapers tend to
accumulate cautiousness.  Unfortunately the sendmail
whitepaper explicitly recommends against SRS, even though
many forwarders have already implemented it, including
gmx.de, php.net, pobox.com, etc.  The reason for
recommending against SRS and prepending headers is that it
munges things that should maybe not be munged, which might
break crypto.  But I really don't see the problem.  DK says
exactly what headers it signs, and by the time a BATV gets
reversed back out it shouldn't care either.  The only case
where you might not want to SRS a return path is where SES
is happening, but even then, the rewritten address will pass
SPF anyway.


I currently implement SRS and even DK, but will drop it in favour of SES
as i believe that resolves MOST of my personal and business email-
related issues. Besides, i have a strange issue now, where the SRS0
address comes back to sendmail and i receive a user unknown. i need to
dig a bit deeper to see when that began, could have been due to an
upgrade to sendmail which dropped some specific config options allowing
the SRS0 return-path to actually work. Example, when i send an email to
say a sourceforge.net mailing list, i get a bounce back from them, which
ends up receiving a "user unknown."  If anyone on the list is currently
using sendmail + SRS, i would appreciate a reply on any ideas on what
the he** i have lost in my config.

Thanks in advance.
Michael Weiner

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta features 
SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

Attachment: signature.asc
Description: This is a digitally signed message part

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Sendmail white paper, Mark
Next by Date:  Re: Sendmail white paper, SRS, and forwarding, Theo Schlossnagle
Previous by Thread:  Re: Sendmail white paper, SRS, and forwarding, Meng Weng Wong
Next by Thread:  Re: Sendmail white paper, SRS, and forwarding, wayne
Indexes:  [Date] [Thread] [Top] [All Lists]