spf-discuss
[Top] [All Lists]

[spf-discuss] SPF and gateways

2005-09-23 01:16:55
 
  
All, 
  
I know this must have been discussed to death but I cannot find a satisfactory 
answer to it. 
  
If I have an MTA sat behind an outsourced AV gateway then how can I get SPF to 
work? 
  
Outbound mail is fine as I can setup an include rule to include the gateway in 
my SPF record. 
  
Inbound causes a problem. SPF is meant to be checked "at the boundary". Well my 
server is "my boundary". The outsourced server is not, although all mail will 
go through it on it's way to me. There is no way that I can see to do an SPF at 
the innner MTA ( my "boundary" MTA) as the AV gateway will never be allowed to 
relay from the arbitary sending domain. 
  
Have read a few items on this it assumes that the AV gateway will do SPF as it 
will have to assume the role of the boundary MTA. Depending on AV gateway 
supplier this may or may not happen. Has anyone come up with a fool proof 
method of doing this? The only suggestions I have seen involve looking back 
through the Received headers to find the sender's IP address - obviously this 
is prone to all sorts of errors. 
  
Simon



-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com