jeremy+spf(_at_)doupe(_dot_)com writes:
You are causing the problem, not SPF or BigIsp.com.
SPF is causing the problem. When things that have always worked and
around which businesses are built are broken by something new, it's
the something new that's causing a problem.
Before people react too violently, I'm a supporter and early adopter
of SPF. I'd like it to take root and grow, and I can work around its
problems. (I've been an email admin for more than 20 years, since
before rfc821 was adopted.)
As a forwarder, you
need to take responsibility for the mail you send and make BigIsp.com
check your SPF record.
Yes, in an SPF world that's what you're making people do, and taking
responsibility for mail is what many forwarding sites want to avoid.
There are alternatives, such as DomainKeys, that leave responsibility
with the originating site and preserve the forwarding role as simply
transparent transit.
As I said in my first mail to the list, I have chosen to run SRS and
take responsibility for mail passing through here. (In fact, I use
SRS to rewrite the MAILFROM of mail originating here as well.) SRS
introduces problems of its own, which I'm addressing as I bump into
them.
You have several options: get BigIsp.com (and
all the other destinations) to whitelist your servers (a la
trusted-forwarder.org),
Yeah, and you have the option of whitelisting everywhere that sends
you mail, so you don't need SPF.
use an address @example.com (such as
postmaster), or better yet, use something like SRS. This has been
hashed out many, many times on this list in the past. What's the big deal?
The big deal is that the very existence of the problem was denied.
The problem exists, and while SRS addresses it, SRS isn't a very good
solution.
--
Dick St.Peters, stpeters(_at_)NetHeaven(_dot_)com
Gatekeeper, NetHeaven, Saratoga Springs, NY