spf-discuss
[Top] [All Lists]

Re: Recipient Rewriting Scheme

2005-08-17 20:08:27
On Thu, 18 Aug 2005, Alex van den Bogaerdt wrote:

On Wed, Aug 17, 2005 at 08:12:03PM -0400, Stuart D. Gathman wrote:

If it fails SPF, it aint my forwarder.  That is kind of the whole
point of SPF.  Remember, I am checking the forwarder domain against
SPF - *** NOT the MAIL FROM ***.  That is the whole purpose of RRS:
to extract what the MAIL FROM should have been if the forwarder
were using SRS or the equivalent.

Perhaps I didn't understand:

RRS=IHBf67rW=blockbuster(_dot_)com=user(_at_)example(_dot_)com
[snip]
Now, when email arrives to that address, the SPF check is done against
blockbuster.com - even though the MAIL FROM says custhelp.com - and

You mean blockbuster is your forwarder, not the original sender ?
If that's so, it's quite confusing.  It looks as if it's the original
sender (from a forwarder's perspective) and "example.com" is the forwarder.

custhelp.com is the original sender, example.com is the final destination, and
blockbuster.com is the forwarder (I wouldn't call them "trusted" given their
email cluelessness, but you have no choice to use their service).  Actually,
blockbuster is the original sender, but is just using someone elses domain
because they are clueless.  However, the effect from the perspective
of the receiving MTA at example.com is as if they were forwarding
mail from custhelp.com without changing the MAIL FROM.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.


<Prev in Thread] Current Thread [Next in Thread>