Julian Mehnle wrote:
SPF is all about clearly redefining the meaning of the SMTP envelope
sender from the fuzzy mess that it is in RFCs 821 and 2821, for any
domain that has an SPF record.
RFC 821 was a sound architecture, and RFC 1123 simply forgot to close
the odd 5.3.6(a) loophole. Without reverse path the MAIL FROM wasn't
updated by relayers (including forwarders to third parties, the only
critical case), and that killed the good "responsibility" concept in
RFC 821 for some years. Until SPF FAIL reintroduced it.
What you don't seem to get is that SPF is an opt-in system. If YOU
don't want YOUR mail to be subject to that clear redefinition, don't
publish an SPF record for YOUR domain. It's that simple.
For the rest of us, the benefit of SPF by far outweighs the (believe
it or not) ever so small forwarding problem, or we wouldn't be using
+1 After more than three years I'm still at *one* case where I had
to send a FAILing mail again (bypassing the broken-by-1123 forwarder).
Sender Policy Framework: http://www.openspf.org
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
Powered by Listbox: http://www.listbox.com