On 2004-12-10 18:58:50 +0530, Devdas Bhagat wrote: > On 09/12/04 23:42 +0100, Frank Ellermann wrote: > > Devdas Bhagat wrote: > > > What about using multiple .forwards or equivalent? > > > > Forwarding is something the receiver does. Sender policies are > > something the senders publish. Senders don't know and don't > > care what a receiver does, it's his problem. Senders only say: > > > > Right. But .forward is still used and SPF breaks that. True. And that means that as a receiver you can only use SPF to reject mail if you know that the mail did not run through a legitimate .forward. For my 1-person-setup at home that's pretty simple. I know where I have .forwards pointing to which address, so I can either whitelist these addresses or the servers with the .forwards. For an ISP it means they have to allow users to maintain their own whitelists and they have to offer support for those users. I am not prepared to do that at my work place. I expect there to be way too many support calls for the little spam/phishing/forgeries this will stop. > > > Or people using the bounce feature in mutt? > > > > Is that the stuff where I get mail claiming to be MAIL FROM me, > > but in fact it's from somebody else ? I'd report it to abuse@ > > for the corresponding IP, it's forged. But actually it should > > never arrive if publishers of -all policies also check SPF on > > their own MX. > > No. Mutt adds a Resent-from header and keeps the original mail > information. Mutt also generates a new envelope MAIL FROM with the same content as the Resent-From header, so it isn't broken by SPF. hp -- _ | Peter J. Holzer | Je höher der Norden, desto weniger wird |_|_) | Sysadmin WSR | überhaupt gesprochen, also auch kein Dialekt. | | | hjp at hjp.at | Hallig Gröde ist fast gänzlich dialektfrei. __/ | http://www.hjp.at/ | -- Hannes Petersen in desd
Attachment:
pgpiO2dGRMz89.pgp
Description: PGP signature
_______________________________________________ Asrg mailing list Asrg at ietf.org https://www1.ietf.org/mailman/listinfo/asrg