spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [spf-discuss] Re: BLOCK: junkemailfilter.* (fwd)

2007-01-24 20:25:24
from [Stuart D. Gathman] [Permanent Link] 
On Wed, 24 Jan 2007, william(at)elan.net wrote:


What's the current status of the SRS efforts?  Are any of the big sites
signed up to do it?


SRS is not actually needed except as a work around for recipients
that don't provide whitelisting.  (e.g. you want to forward mail to your 
gmail.com account).

Ideally, a forwarder would have an SPF record for their domain, and
their recipients would list that domain in trusted forwarders.  Incoming
mail from that domain (according to the SPF record *regardless* of MAIL FROM)
should not be SPF checked.  Hopefully, the forwarder does SPF checking.

If a forwarder uses SRS, then all forwarded mail will pass SPF, and 
appear to come from the forwarder.  However, if the recipient tracks
reputation, by IP or domain, then any spam forwarded may result in the
forwarder getting blocked.  

With or without SPF, forwarding is dangerous without some kind of
whitelisting arrangement with the recipient.  A real life example
that I have had to deal with many times is a user that forwards
their mailbox to an AOL account "because the spam filter is easier".
Then, they begin flagging forwarded mail as "spam" (including memos from their
own office they'd rather not deal with).  Soon, everyone at their
company is blocked from sending to AOL.


It seems like a good idea to me, but then I found the FAQ at:
   http://www.openspf.org/FAQ/Forwarding
which says:
     But don't worry, we're working on providing SRS
     patches for the four major opensource MTAs, so that
     when you upgrade to an SPF-aware version, this
     problem will be solved also.
This has been going on long enough that I'd expect code to be available by
now, but maybe my clock is off.


I have updated that FAQ (which was quick and dirty translated during the
web-site transition).

SRS is actually more useful as a variation on BATV to reject bounces of
your forged domain.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to http://v2.listbox.com/member/?list_id=735
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [spf-discuss] Current spf record for comcast.net?, william(at)elan.net
Next by Date:  Re: [spf-discuss] Status and support for SRS, Stuart D. Gathman
Previous by Thread:  [spf-discuss] Re: BLOCK: junkemailfilter.* (fwd), william(at)elan.net
Next by Thread:  Re: [spf-discuss] Re: BLOCK: junkemailfilter.* (fwd), william(at)elan.net
Indexes:  [Date] [Thread] [Top] [All Lists]