At 11:20 27/11/2009 Friday, you wrote:
--On 27 November 2009 08:48:44 +0100 Alessandro Vesely
<vesely(_at_)tana(_dot_)it> wrote:
The decision that is up to users is to enable either forwarding by one
server or fetching by the other one. Gmail and many other servers offer
fetching: it is the solution with fewer problems.
Except that it requires you to Gmail to store your password for the remote
account in a recoverable format. For our users, that means violating our terms
and conditions of use. In fact, we'd not permit them to share our passwords
with Gmail even if Gmail were storing them securely. We have a common
authentication mechanism that means you can do more with the password than
just read email.
We'd need something like OAuth to make it work securely.
As an intermediate effort, we could provide a second account with distinct
credentials that was used ONLY for IMAP, and had read permissions on the
mailbox of the primary account, though. It's probably easier to implement SRS,
but we'd still like the receiving account to whitlist our forwarding, so that
we don't pollute our reputation.
I'd suggest that SRS-forwarding to gmail would be less benefit
than say offering a dedicated second pop3/smtp-submission server with dedicated
credentials
just for the reason of ip-reputation {which srs-forwarding unfortunately does
tend to muddy}
and additionally it allows users to webmail reply from their work address via
your servers {thus without having to allow all gmail users the potential for
forging mail and passing SPF}
-------------------------------------------
Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Modify Your Subscription: http://www.listbox.com/member/
[http://www.listbox.com/member/]
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com