spf-discuss

Re: Problem with SID

2005-06-24 06:46:08
On Fri, 24 Jun 2005, Graham Murray wrote:

Even that is arguable. The purpose of MAIL FROM (in RFCs 821/2821) is
as the 'bounce' address to which DSNs are sent. So, if I send mail to
you@example.com and example.com forwards it to someuser@bigisp.com and
it is undeliverable, I would want the DSN to tell me that it was not
delivered to you@example.com, not someuser@bigisp.com. bigisp.com
should send the DSN to example.com which should send a DSN from
you@example.com back to me.

It is quite possible that you@example.com might not want me to know
their 'real' email address, but if the forwarder keeps the original
MAIL FROM then this information can be exposed.

So forwarding without changing the MAIL FROM is broken for reasons
other than SPF.

Amen, brother.  Preach it!

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
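
The DSN path described in the quoted message, modeled as an added example that is not part of either poster's message: one forwarding hop run with and without MAIL FROM rewriting, showing which address the original sender sees in the bounce. The `Forwarder` class, the `bounce-N@` return-path format and `me@sender.example` are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Envelope:
    mail_from: str   # SMTP MAIL FROM: the address DSNs are sent to
    rcpt_to: str     # SMTP RCPT TO: where this hop tries to deliver

@dataclass(frozen=True)
class DSN:
    sent_to: str      # who receives the bounce (MAIL FROM of the failed hop)
    failed_rcpt: str  # the address the bounce reports as undeliverable

class Forwarder:
    """Hypothetical forwarder for example.com (constructed, not a real MTA)."""
    def __init__(self, domain, aliases, rewrite):
        self.domain, self.aliases, self.rewrite = domain, aliases, rewrite
        self.pending = {}  # rewritten return path -> (original sender, public rcpt)

    def forward(self, env):
        target = self.aliases[env.rcpt_to]
        if not self.rewrite:
            # Original MAIL FROM kept: the next hop bounces straight to the sender.
            return Envelope(env.mail_from, target)
        # Assumed return-path format; any per-message local address would do.
        return_path = f"bounce-{len(self.pending)}@{self.domain}"
        self.pending[return_path] = (env.mail_from, env.rcpt_to)
        return Envelope(return_path, target)

    def relay_dsn(self, dsn):
        # Turn the downstream bounce into one about the public address only.
        sender, public_rcpt = self.pending.pop(dsn.sent_to)
        return DSN(sent_to=sender, failed_rcpt=public_rcpt)

def bounce(env):
    """The receiving site (bigisp.com here) cannot deliver and emits a DSN."""
    return DSN(sent_to=env.mail_from, failed_rcpt=env.rcpt_to)

def dsn_seen_by_sender(rewrite):
    original = Envelope("me@sender.example", "you@example.com")
    fwd = Forwarder("example.com",
                    {"you@example.com": "someuser@bigisp.com"}, rewrite)
    dsn = bounce(fwd.forward(original))
    if dsn.sent_to in fwd.pending:   # bounce came back to the forwarder
        dsn = fwd.relay_dsn(dsn)
    return dsn

if __name__ == "__main__":
    print("MAIL FROM kept:     ", dsn_seen_by_sender(rewrite=False))
    print("MAIL FROM rewritten:", dsn_seen_by_sender(rewrite=True))
```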

