On 6-Apr-07, at 2:10 PM, dan1 wrote:
Hello.
I have an E-card customer of our site who has sent an e-mail to
someone who's e-mail server is using SPF.
They detected that the sender of the e-mail was not allowed to send
an e-mail from another server (like ours). They request this user
to send e-mails only from one of its allowed servers.
This is problematic for our E-card service, as we force the
sender's e-mail address to be coming from the one the user is
typing. We need to do this, as it allows the recipient to directly
answer to the sender, and also because if there is any e-mail
problem, the problem will directly be sent to the sender and not
our server, else the customer would never know of the problem and
wrongly think that the e-mail was sent properly.
Can some one tell me how E-cards developpers should act regarding
that matter?
We currently never had any forgery of a spammer who would use our
server, and they are limited to only 10 E-cards per day and per IP
address, so it is quite clean and already very restrictive, and we
also check first the sender's IP for spamlists before accepting the
e-mail, this is probably why we didn't have any problem at all with
hackers willing to use our service.
Thanks in advance for any advice.
Daniel - Edenpics.com
This scenario is covered on the SPF web site but essentially what you
need to is configure the header of the outgoing E-card so that the
Return-Path reflects that the email is coming from your server but
the From address is of the person sending the E-card.
This way the Return-Path indicates that the E-card is coming from
your domain and passes SPF and since the From address reflects the
address of the person sending the E-card, any replies to the E-card
will be sent to the original sender.
--
Gino Cerullo
Pixel Point Studios
21 Chesham Drive
Toronto, ON M3M 1W6
416-247-7740
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?list_id=735