spf-discuss

Re: Sendmail white paper, SRS, and forwarding

2004-11-21 13:09:46
David Woodhouse wrote:
On Sun, 2004-11-21 at 20:30 +0100, Roger Moser wrote:

I don't understand why this mail would be rejected. Unless it's just
rejected due to the normal brokenness of SPF when mail is forwarded?


forwarder1.com sends it to forwarder2.com saying
MAIL FROM:<SRS0=HHH=TT=forwarder1(_dot_)com=XXXXXXX=name(_at_)forwarder1(_dot_)com>


i.e. MAIL FROM:<anything(_at_)f1(_dot_)com>

forwarder2.com sends it to final.com saying
MAIL FROM:<SRS0=HHH=TT=forwarder1(_dot_)com=XXXXXXX=name(_at_)forwarder1(_dot_)com>


i.e. MAIL FROM:<anything(_at_)f1(_dot_)com>

final.com checks SPF and gets the result "Fail". Since the return-path is
not signed, it rejects the mail.


Right. Just a normal example of the brokenness of SPF. This isn't really
related to SES at all. If f1.com was stupid enough to publish an SPF '-all'
record AND final.com is stupid enough to obey it, valid mail gets
lost. This is nothing new.

Unless the domain owner is exercising his or her right to the use of the domain in this way. In which case SPF is not broken at all... it's doing exactly what the domain owner intends.

--
csm(_at_)moongroup(_dot_)com, head geek
http://moongroup.com
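
The two hops described in this thread, as an added example that is not part of any poster's message: a simplified SPF check (only the `ip4` and `all` mechanisms) run by the receiver of each hop. The SPF records, IP addresses and the rewritten return-path are constructed assumptions; the thread gives none of them.

```python
import ipaddress

# Constructed SPF records using documentation IP ranges; not real DNS data.
SPF_RECORDS = {
    "forwarder1.com": "v=spf1 ip4:192.0.2.0/24 -all",
    "forwarder2.com": "v=spf1 ip4:198.51.100.0/24 -all",
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(client_ip, mail_from):
    """Evaluate only the ip4 and all mechanisms (a subset of SPF)."""
    domain = mail_from.rsplit("@", 1)[1].lower()
    record = SPF_RECORDS.get(domain)
    if record is None:
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:  # skip the "v=spf1" version tag
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        if term == "all":
            return QUALIFIERS[qualifier]
        if term.startswith("ip4:") and ip in ipaddress.ip_network(term[4:], strict=False):
            return QUALIFIERS[qualifier]
    return "neutral"


def trace(hops):
    """Return the SPF result the receiver of each hop would compute."""
    return [(name, check_spf(ip, sender)) for name, ip, sender in hops]


# Return-path as quoted in the thread, with the archive's obfuscation undone.
SRS0 = "SRS0=HHH=TT=forwarder1.com=XXXXXXX=name@forwarder1.com"
HOPS = [
    # (hop, connecting IP seen by the receiver, MAIL FROM)
    ("forwarder1 -> forwarder2", "192.0.2.10", SRS0),
    ("forwarder2 -> final, return-path unchanged", "198.51.100.20", SRS0),
    # Hypothetical rewritten address in forwarder2's own domain.
    ("forwarder2 -> final, return-path rewritten", "198.51.100.20", "rewritten@forwarder2.com"),
]

if __name__ == "__main__":
    for name, result in trace(HOPS):
        print(f"{name}: {result}")
```

The second hop fails because final.com evaluates forwarder1.com's record against forwarder2.com's connecting IP; only the domain in MAIL FROM and the client IP enter the check.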