On Sun, 04 Feb 2007 09:03:37 +0100 Frank Ellermann
<nobody(_at_)xyzzy(_dot_)claranet(_dot_)de> wrote:
Michael Deutschmann wrote:
I suppose one could do SRS if the message is SPF PASS, reject it if
it's SPF
FAIL and do traditional forwarding if it's and other SPF result. This
would
avoid the making it worse part and actually reduce backscatter to some
degree
Not necessarily. Just because the result was NEUTRAL or SOFTFAIL when
the forwarder checks incoming mail, does not mean the result can't be
FAIL
when the ultimate recipient checks the same message against the
forwarder's
outgoing mail IP.
So in some cases you need SRS to get through, but still can't safely
bounce.
Yes, NEUTRAL isn't very helpful. When I see reports saying that xy% of all
mails already have SPF I often wonder what that actually means, how much of
the xy% is PASS or FAIL (or SOFTFAIL).
In theory it's possible to check outbound mail against your own sending
IPs,
Julian invented that. SPF checks work best "at" the border, you can test
it
on the sending side. MSAs could use this trick, if they wish to identify
plausible (no FAIL) envelope senders.
I'm not sure about forwarders, they could as well try to forward it and see
what happens at the next hop.
Not just theory. My controlledmail.com MTAs all do this.
Scott K
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735