----- Original Message -----
From: "Alex van den Bogaerdt" <alex(_at_)ergens(_dot_)op(_dot_)het(_dot_)net>
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Wednesday, February 09, 2005 5:44 PM
Subject: Re: [spf-discuss] Syntax and semantics of the TXT record versus
SPFMILTER behavior
On Wed, Feb 09, 2005 at 02:21:59PM -0800, ecsd(_at_)transbay(_dot_)net wrote:
My understanding is that the TXT record in the zone file for the domain
FOO.COM
indicates which hosts can have sent mail in behalf of FOO.COM users.
... can send mail using an envelope-from FOO.COM
I introduced "spfmilter" and began to have my users be rejected, when all
they
were trying to do was connect to our SMTP server to /inject/ mail. The
SPF
check should not affect that, I thought.
SPF should only be checked on incoming mail, not outgoing mail.
It sounds like you are also checking it on outgoing mail.
Why wouldn't you check outgoing? Forgers and email worms can certainly be
active *inside* your network, so checknig outgoing email will inform you the
administrator very quickly of any issues. Checking outgoing email has to be
done carefully, so legitimate clients are permitted, but this is what SPF
whitelists are for.