
RE: [spf-discuss] The problems with SPF

2005-08-26 15:07:06
From: Julian Mehnle [mailto:julian(_at_)mehnle(_dot_)net]
Sent: Friday, August 26, 2005 10:03 AM

<...>

I predict that forwarding without sender rewriting will die and SPF (or
an equivalent technology) will succeed, because, overall, authenticity of 
sender addresses simply is much more important to users than forwarding 
without sender rewriting, which can (from users' perspective) be easily 
substituted by forwarding _with_ sender rewriting.

It doesn't have to be a choice of forwarding with rewriting vs. no forwarding.  
There _are_ techniques for delivering forwards without rewriting the 
return-path.  One such method is SES.  The return-path stays the same 
throughout message transport and uses a UDP callback mechanism to validate the 
return-path.  In the SPF context, it is only necessary to do this callback when 
the other SPF mechanisms do not match, i.e. a non-SRS forwarder.  The 
advantages are that it does not require the cooperation of any intermediate 
forwarders, and the recipient does not need a forwarding whitelist.  Signing 
mail with an SES return-path does not break legacy applications, so it can be 
phased in.  You also get the ability to reject forged bounces before data as a 
side benefit.

I'm sure there are other ways to accomplish this, but this is at least one 
workable method.

-- 

Seth Goodman
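
Added example, not part of the original message and not SES project code: a sketch of the flow described above, in which the origin signs the return-path, a receiver asks the origin to validate it only when SPF does not pass, and the origin refuses bounces addressed to unsigned or forged return-paths. Assumptions: the `local+tag@domain` layout, the HMAC tag, the key and all function names are constructed for illustration (this is not the SES wire format), and the UDP callback is simulated by a direct function call.

```python
import hashlib
import hmac

# Constructed demo key and tag layout; not the SES wire format.
SECRET = b"demo-key-held-only-by-the-origin-domain"
TAG_LEN = 12


def _tag(local: str, domain: str) -> bytes:
    """Truncated HMAC over the unsigned address (hypothetical helper)."""
    msg = f"{local}@{domain}".lower().encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()[:TAG_LEN].encode()


def sign_return_path(address: str) -> str:
    """Origin MTA: user@example.org -> user+<tag>@example.org."""
    local, domain = address.rsplit("@", 1)
    return f"{local}+{_tag(local, domain).decode()}@{domain}"


def origin_validates(return_path: str) -> bool:
    """Origin-side check; stands in for the responder to the callback."""
    local_part, _, domain = return_path.rpartition("@")
    local, sep, tag = local_part.rpartition("+")
    if not sep or not local or not domain:
        return False  # unsigned address: nothing to verify
    # Constant-time comparison on bytes, safe for arbitrary input.
    return hmac.compare_digest(tag.encode(), _tag(local, domain))


def receiver_accepts(spf_result: str, return_path: str,
                     callback=origin_validates) -> bool:
    """Receiver policy: call back only when SPF mechanisms do not match."""
    if spf_result == "pass":
        return True
    # e.g. mail relayed by a non-SRS forwarder
    return callback(return_path)


def origin_accepts_bounce(mail_from: str, rcpt_to: str) -> bool:
    """Origin MTA at RCPT TO: a bounce (null sender) must target a
    validly signed return-path, so forged bounces fail before DATA."""
    if mail_from == "":
        return origin_validates(rcpt_to)
    return True
```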
