spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [spf-discuss] Mail Forwarding Question

2006-02-27 11:10:39
from [Julian Mehnle] [Permanent Link] 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Stephan Golux wrote:

[...]
My cpanel setup forwards all email destined for 
"client(_at_)client(_dot_)org" to
"client(_at_)client-isp(_dot_)com".  But the outside world doesn't know that.

My client's ISP subscribes to SPF.


Which is good.


THe party sending mail to my client publishes an SPF record.


Which is good, too.


But since the email visits my intervening forwarding virtual host, the
client ISP bounces the mail because "virtual.com" is not an authorized
sender for "sender-isp.com".

So I feel between a rock and a hard place.  I am following all RFCs on
sending and forwarding mail, but I seem to have no way to serve my
client legitimately except to recommend that he move to an email service
that does NOT use SPF.

Any suggestions?


Since you as your client's forwarder don't do sender address rewriting
(SRS etc.), the client(_at_)client(_dot_)org -> 
client(_at_)client-isp(_dot_)com forwarding you 
have set up for him is conceptually part of his receiving e-mail infra- 
structure.  So why does your client (through his ISP) perform SPF checks 
on messages received from parts of his own e-mail infrastructure?

Your client should ask his ISP not to SPF-check messages that are received 
from virtual.com and have RCPT TO:<client(_at_)client-isp(_dot_)com>.

Or you could choose to be a forwarder independent from client.org and start 
doing sender address rewriting for forwarded mail.

In any case, you are far from between a rock and a hard place, but you'll 
have to respect sender-isp.com's wish that their domain not be used as the 
envelope sender by independent forwarders.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFEA0BxwL7PKlBZWjsRAmRdAJ9S5W3sw8BY25HHMq/2P7FRzPfivACfUdeI
LKs+Oxa4cePQjaDH9Yxq+jQ=
=3JdD
-----END PGP SIGNATURE-----

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [spf-discuss] Mail Forwarding Question, Scott Kitterman
Next by Date:  Re: [spf-discuss] Mail Forwarding Question, Daniel Taylor
Previous by Thread:  [spf-discuss] Mail Forwarding Question, Stephan Golux
Next by Thread:  Re: [spf-discuss] Mail Forwarding Question, John Kelly
Indexes:  [Date] [Thread] [Top] [All Lists]