Scott Kitterman writes:
Dick St.Peters wrote:
I don't view it as "placating", just good service and good net
citizenship. By forwarding with SRS I get mail to my users even if
they use an email account at an SPF-checking service/site, and if the
forwarded mail fails I get the bounces back to the sender. By
rejecting on SPF fail, I don't forward forged mail "from" people like
you, so I don't get bounces to forward "back" to you either.
OTOH, when I reject forged mail, the site trying to send/relay the
forged mail here may send a bounce "back" to you. This is probably
little better than having me forward a bounce to you would be, so your
"-all" may not help you as much as you'd like.
Do you provide a facility for your customers to whitelist addresses
against rejection due to SPF failure?
No. I will whitelist forwarders myself as necessary, but I want
senders with broken SPF records to fix them. (Usually, the senders do
also.) Also, I don't consider a mail authentication system riddled
with holes installed (and usually never cleaned up) by naive users
to be much of an authentication system.
--
Dick St.Peters, stpeters(_at_)NetHeaven(_dot_)com
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com