spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: spf with online forms

2005-05-02 13:17:45
from [Commerco WebMaster] [Permanent Link] 
Andrew,
A good question. FWIW, eBay does a great job dealing with its HTML Web Forms and SMTP just fine with SPF (you got me paranoid, so I just checked - very smart way they do it, but then, they *are* eBay). 

If I understand your scenario, you are asking how this can take place:
Foo.tld - Your HTML web based form site.
UserA(_at_)DomainA(_dot_)tld - A Member of the Foo.tld site
UserB(_at_)DomainB(_dot_)tld - A Member of the Foo.tld site

UserA wants to send a message to UserB via a form at Foo.tld
It would seem, as the form operator at Foo.tld, your address would be trusted by both UserA and UserB who, after all, are members of your site and thus would normally want to receive your messages, so, you simply need to send from your own site's controlled domain name. In other words, when you send the form message contents, send with a from of somename(_at_)Foo(_dot_)tld via your SMTP mail forms processor.
Perhaps you could mention UserA's address in your message body sent from somename(_at_)Foo(_dot_)tld, should UserB wish to get back to them. To keep the process confidential, simply encode something in the message to allow a returned message from UserB back to Foo.tld to have a path to get to UserA, again via somename(_at_)Foo(_dot_)tld, or simply point them in your message body back to a form on the Foo.tld site to create their reply. 

If I missed something here, please elaborate on your question.

Best,

Alan Maitland
WebMaster(_at_)Commerco(_dot_)Net
The Commerce Company - Making Commerce Simple(sm)
http://WWW.Commerco.Com/


At 01:17 PM 5/2/2005, you wrote:

Could someone please explain to me how spf deals with websites which use
online forms to send emails?  For example, if I am on eBay and use their
online form to send an email to another eBay user, eBay sends the email
from my account through their smtp server and on to the other eBay user.
 Upon receipt of that email, the recipient's email system would do an
spf lookup on my domain and find that eBay.com's smtp server is not a
valid sender for my domain and therefore reject the email.

It's not just eBay by the way, there are thousands of websites which do
this very same thing.

Any thoughts?


-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Read the whitepaper!  http://spf.pobox.com/whitepaper.pdf
To unsubscribe, change your address, or temporarily deactivate your subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: spf with online forms, Roger B.A. Klorese
Next by Date:  RE: help on setup, Christopher Carter
Previous by Thread:  Re: spf with online forms, wayne
Next by Thread:  Re: spf with online forms, Andrew Gutkowski
Indexes:  [Date] [Thread] [Top] [All Lists]