On Tue, 22 Jan 2008, Alessandro Vesely wrote:
that the MRN can be determined in advance. As I
understand it, the point in determining where
the border lies is that spam should be stopped
there.
No, the point in determining where the border lies is that forgeries detected
via SPF can only be rejected there. While forged implies spam, the converse is
not true (not forged does not imply not spam).
The problem of forwarders getting their reputation with a recipient sullied by
forwarding spam at the explicit request of same recipient is not an SPF
problem.
While all these ideas of new protocols to allow large ESPs to properly handle
forwarders (whether for rejecting on SPF or to avoid reputation problems as
with forwarding to AOL) are nice, the only simple SPF forwarding solution for
large ESPs that "works now" I've heard is the very simple "reject with 551" so
that the sender can resend to the real target address. This has the additional
benefit of obviously deprecating the forwarded address in the eyes of the
sender. If you *don't* want to deprecate the forwarded address, then set up a
proper forwarding relationship! Even if it means you have to setup your own
MTA instead of using gmail or aol.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
http://v2.listbox.com/member/?member_id=2183229&id_secret=88540009-7928c3
Powered by Listbox: http://www.listbox.com