spf-discuss
[Top] [All Lists]

Re: SPF+SRS vs. BATV (was: SPF Stats)

2005-07-05 07:00:56
On Tue, 2005-07-05 at 09:53 -0400, Stuart D. Gathman wrote:
Any recipient who rejects your mail because they forwarded it
somewhere else first is badly broken.

You still seem confused. The recipient didn't forward the mail. The
forwarder did. This involves three (or more) entirely separate
administration domains.

My mail hosts act as a forwarder for a number of addresses. Any
recipient domain which rejects mail merely because I've forwarded it is
broken, yes. I have occasionally had cause to contact them and explain
why they should stop using SPF, to avoid throwing away valid mail for
their users. So far this has worked.

But let's not pretend that the administrator of the final recipient's
domain was at all involved in the forwarding process. Let us not pretend
that the user whose mail was forwarded had any way of knowing what MX
hosts I've listed this week, and what IPv4 or IPv6 addresses those hosts
may be using for _outgoing_ mail.

Are you saying that such broken recipients exist now?  What is an
example of such a broken domain?

Anyone rejecting mail for an SPF failure when they can't guarantee that
there are _no_ unknown forwarding hosts is such a broken recipient.
Which is why I said that SPF is fine for trivial toy domains, but it
doesn't really work in the real world in general.

-- 
dwmw2


<Prev in Thread] Current Thread [Next in Thread>