On Sun, 2004-11-21 at 20:30 +0100, Roger Moser wrote:
I don't understand why this mail would be rejected. Unless it's just
rejected due to the normal brokenness of SPF when mail is forwarded?
forwarder1.com sends it to forwarder2.com saying
MAIL
FROM:<SRS0=HHH=TT=forwarder1(_dot_)com=XXXXXXX=name(_at_)forwarder1(_dot_)com>
i.e. MAIL FROM:<anything(_at_)f1(_dot_)com>
forwarder2.com sends it to final.com saying
MAIL
FROM:<SRS0=HHH=TT=forwarder1(_dot_)com=XXXXXXX=name(_at_)forwarder1(_dot_)com>
i.e. MAIL FROM:<anything(_at_)f1(_dot_)com>
final.com checks SPF and gets the result "Fail". Since the return-path is
not signed, it rejects the mail.
Right. Just a normal example of the brokenness of SPF. This isn't really
related to SES at all. If f1.com was stupid enough to publish an SPF '-
all' record AND final.com is stupid enough to obey it, valid mail gets
lost. This is nothing new.
--
dwmw2