spf-discuss
[Top] [All Lists]

Re: SPF implementations

2005-08-15 10:18:03
Ralf Doeblitz wrote:

What is the distinction between "return mails to X" (as
opposed to "send replies to X") and "report errros to X"?

RfC 3834 (auto-responders) also uses the Return-Path.  If
somebody mentions "errors-to" / "bounces-to" I automatically
switch to hardcore nitpicking + flame mode:

320 mails in my "HTML" folder + 23 in my "junk" folder, most
of it "misdirected" bounces and the normal spam.  My spammer
has decided that if I think that SPF is the answer then I've
to prove it... <sigh />

You only send mail to the return address when you have
something to report about its delivery status. In all
other cases you should use the data from the message itself
not from the envelope.

Many mails created by mail-bots should also go to the
MAIL FROM, unless these bots are very sure what they do. 

Did you mean that the return-address may not be identical
to the address of the original sender?

I thought (could be wrong) that Seth essentially said that
the Senderid-core concept should work (minus some minor
cases where the software could be fixed).  If he said this
I disagree:

MAIL FROM <> PRA is a real and legal case.  It won't go away
because one experimental RfC wants it to go away, or because
MS tries to enforce it.  If we'd want a transition period
waiting until the whole world updates its software we can't
use FAIL => reject for this decade (or how long it takes).

And without some kind of FAIL => reject SPF is more or less
pointless, a DKIM PASS is better than a SPF PASS (okay, SPF
is faster / smaller / cheaper tha DKIM, but OTOH DKIM works
also behind ignorant forwarders).

                     Bye, Frank

P.S.: 26 new "misdirected" bounces while I typed this article.



<Prev in Thread] Current Thread [Next in Thread>