spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[spf-discuss] Re: SPF blocking e-mails coming from an E-card service server

2007-04-06 14:14:23
from [Frank Ellermann] [Permanent Link] 
dan1 wrote:


I have an E-card customer of our site who has sent an e-mail to
someone who's e-mail server is using SPF.


Yes, that's an FAQ on the openspf.org site for some years now, see
http://www.openspf.org/Best_Practices/Forwarding
http://www.openspf.org/Best_Practices/Webgenerated


They detected that the sender of the e-mail was not allowed to send an
e-mail from another server (like ours). They request this user to send
e-mails only from one of its allowed servers.


Working as designed for a FAIL result, you're not permitted to say
"mail from customer" if it's actually "mail from you".  As I learned
yesterday even Google still has difficulties with this concept... :-|

You've to fix your setup, or you can forget all users with a FAIL
policy (all @gmx.net, just an example, there are millions)


We need to do this


NAK, you don't.  You can say From: user, Sender: you, MAIL FROM: you,
as specified in the mail standards.


as it allows the recipient to directly answer to the sender


You are the sender.  With From: user normal replies go to the user,
not you.


if there is any e-mail problem, the problem will directly be sent
to the sender and not our server


You are the sender.  If there's a problem between the sender (you)
and the receiver, sending mail to a third party (your user) would
be a very bad plan for several reasons:

1: it's a user, users have no clue what mail problems you might
   have with the receiver, maybe they block you or something
2: it's a problem between you and the receiver, and nobody is
   interested to debug any potential problems between your user
   and the receiver.  Stick to one error on one route, don't add
   more routes, let alone routes to clueless users.


the customer would never know of the problem and wrongly think
that the e-mail was sent properly.


You know the address of your user, if it's a very simple problem
(judged by you, because you know how stuff works) like a typo in
the receiver address you can inform your customer.

If it's the usual tricky case, you're blocked by the receiver or
similar, informing the user is stil possible, but above all you
have to fix it, your user can't (and won't understand the issue)


Can some one tell me how E-cards developpers should act regarding
that matter?


Check out the links noted above.  There's a "help" mailing list
better suited to work out the SPF basics than this list, with a
huge archive, see http://dir.gmane.org/gmane.mail.spam.spf.help

There's also a chapter in RFC 4408 about this kind of mail service:
http://tools.ietf.org/html/rfc4408#section-9.4

Frank


-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to http://v2.listbox.com/member/?list_id=735
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [spf-discuss] Re: libspf.org, william(at)elan.net
Next by Date:  [spf-discuss] Re: libspf.org, Julian Mehnle
Previous by Thread:  Re: [spf-discuss] SPF blocking e-mails coming from an E-card service server, Stuart D. Gathman
Next by Thread:  Re: [spf-discuss] Re: SPF blocking e-mails coming from an E-card service server, dan1
Indexes:  [Date] [Thread] [Top] [All Lists]