
Re: [spf-discuss] TENBOX/E (now SWK-SPF) rough draft

2008-02-01 15:31:42
On Thu, 31 Jan 2008, "Stuart D. Gathman" wrote:
I hate to tell you this, but most MTAs are run by people who have never
heard of rfc2821, and merrily reply to a MAIL FROM of <>, "Damn
the mail loops and full speed ahead!"

So to which IP address do they send their "RCPT TO: <>"?

If you mean that they'll bounce to RFC822 addresses, that's not the
forwarder's problem.  It may make the original sender angry, but that
anger will be directed at the recipient's IP addresses, not the forwarder.
And this will be the same regardless of whether the forwarder is
traditional, SRS, or "Courteous".

That doesn't mean it isn't courteous to mark them anyway.  But these
same MTAs will submit you to a blacklist if you send them too many DSNs,
(even for mail from their own IPs!)

There's not much a forwarder can do if the recipient is going to be a
dip.  After all, if there was a way a sender could unilaterally force a
recipient to 2xx everything, not do SPF, and not count karma, spammers
would be using it.

In practice, I would make one modification.  In the unbouncable case, my
SMTP client would switch to Sham-SRS if it cannot negotiate SWK-SPF
authentication.

So, for <sarah@example.com> sending to <fred@example.org> which forwards
to <ralph@example.net>, example.org would do one of the following:

Case 1: Sarah's message got SPF pass, example.net offers SWK-SPF:
  MAIL FROM: <sarah%example.com+HASH@example.org> AUTH=fred@example.org

Case 2: Sarah's message got SPF pass, example.net doesn't do SWK-SPF:
  MAIL FROM: <sarah%example.com+HASH@example.org>

Case 3: Sarah's message got SPF neutral, example.net offers SWK-SPF:
  MAIL FROM: <> AUTH=fred@example.org

Case 4: Sarah's message got SPF neutral, example.net doesn't do SWK-SPF:
  MAIL FROM: <shamsrs-fred@example.org>
(where shamsrs-fred@example.org 5xxes everything.  To circumvent dippy
admins who use callbacks, it might give 2xx at RCPT TO:, and save the 5xx
for DATA.)

---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>
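
The four cases from the message above, written out as an added Python example; it is not part of the original post and not code from the SWK-SPF draft. Assumptions: `HASH` is a truncated HMAC over the original sender, the EHLO keyword is the literal string `SWK-SPF`, every SPF result other than pass is handled like neutral, and the forwarder checks the tag before relaying a bounce back to the original sender.

```python
import hashlib
import hmac

# Constructed demo key; a real forwarder would keep its own private secret.
SECRET = b"constructed-demo-key"
SWK_KEYWORD = "SWK-SPF"  # hypothetical EHLO keyword, not defined in the message


def tag(orig_sender):
    """The message's HASH placeholder, assumed here to be a truncated HMAC."""
    mac = hmac.new(SECRET, orig_sender.lower().encode(), hashlib.sha256)
    return mac.hexdigest()[:10]


def mail_from(orig_sender, forwarder_rcpt, spf_result, ehlo_keywords):
    """Return the MAIL FROM line the forwarder sends to the next hop."""
    fwd_local, fwd_domain = forwarder_rcpt.rsplit("@", 1)
    swk = SWK_KEYWORD in {k.upper() for k in ehlo_keywords}
    auth = f" AUTH={forwarder_rcpt}" if swk else ""
    if spf_result == "pass":
        # Cases 1 and 2: bounceable, so rewrite the sender into our domain.
        user, sender_domain = orig_sender.rsplit("@", 1)
        rewritten = f"{user}%{sender_domain}+{tag(orig_sender)}@{fwd_domain}"
        return f"MAIL FROM: <{rewritten}>{auth}"
    if swk:
        # Case 3: unbounceable, null sender plus AUTH.
        return f"MAIL FROM: <>{auth}"
    # Case 4: Sham-SRS address, which rejects everything sent to it.
    return f"MAIL FROM: <shamsrs-{fwd_local}@{fwd_domain}>"


def bounce_target(rcpt):
    """Map a rewritten address back to the original sender, or None if forged."""
    local = rcpt.rsplit("@", 1)[0]
    body, plus, given = local.rpartition("+")
    user, pct, sender_domain = body.rpartition("%")
    if not (plus and pct and user and sender_domain):
        return None
    orig = f"{user}@{sender_domain}"
    # Constant-time comparison so the tag cannot be guessed byte by byte.
    return orig if hmac.compare_digest(given, tag(orig)) else None
```
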
