spf-discuss
[Top] [All Lists]

Re: [spf-discuss] Re: Fixing Forwarding with RPF

2006-11-14 13:23:23
On Tue, Nov 14, 2006 at 05:51:26PM +0000, K.J. Petrie wrote:

"forwarder" is going to send a message to "petrei(_at_)home(_dot_)address"
but this fails because >>petrie<< has made an error.  Please do
pay attention to the (deliberate) typo I made in this address.

Yes, but the typo means my ISP won't recognise it as bound for my mailbox, 
and 
therefore won't apply the policies I have set on my mailbox, so the SPF check 
will continue as before, and the mail will be rejected according to the ISP's 
standard SPF policy.

Exactly my point.

You (petrie(_at_)forwarder(_dot_)example) have accepted the message.
But this message is going to be rejected by you (@home.address).
Thus the forwarder cannot deliver the message.
Thus the message is bounced, to the victim.

What difference has the forwarder made? As I said above, the sending MTA has 
not SPF checked the mail, so would bounce it anyway. That's the only place an 
SPF-based reject won't produce a bounce. It's also where the forger gets no 
doubt s/he's going nowhere.

It is the forger delivering to "petrie(_at_)forwarder(_dot_)example".  It is you
that made the typo.  Or another error occurs, I don't care.  It is the
forwarder (selected by you) that causes the problem.

I'm not going to discuss this anymore.  If you don't get it now, you never will.

Alex

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to http://v2.listbox.com/member/?list_id=735

<Prev in Thread] Current Thread [Next in Thread>