Michael Deutschmann wrote:
Forwarding Problem B - Forwarders are left holding a hot
potato if they accept SPF-neutral mail and the ultimate
recipient MX 5xx's it.
Problems K and B really hurt the forwarder, and can only
be resolved by recipient whitelisting, period.
B: I think that's no specific "forwarding" problem, a receiver
accepting NONE / NEUTRAL is in trouble if he can't deliver the
mail. That's why SPF was invented, for FAIL reject works, for
PASS accept works, and for NONE / NEUTRAL it's a hard problem.
Once an honourable mail admin *knows* that a given message is
a trusted forward, he must turn off spam defenses so that he
doesn't force Problem B on an innocent other admin.
That would limit the next hop to the defenses available at the
forwarder, neither "better" nor "different" would be honourable.
The forwarder accepted the mail for some reasons, therefore he
is 100% responsible for it. If he doesn't like that, a valid
decision, he can reject it with "551" as explained in RFC 821.
Taking "251" decisions lightly is a failure of the forwarder -
it can't be the failure of later hops.
Of course "we" urge senders to help out with SPF PASS / FAIL
policies, allowing receivers (or here forwarders) to avoid the
2821bis NONE / NEUTRAL dilemma, but at the end of the day it's
the receiver (here forwarder) who accepted NONE / NEUTRAL mail.
Frank
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
http://v2.listbox.com/member/?member_id=2183229&id_secret=86845008-78ccfd
Powered by Listbox: http://www.listbox.com