Re: [Exim] SPF

Top Page
Delete this message
Reply to this message
Author: Tony Finch
Date:  
To: D.H.Davis
CC: exim-users
Subject: Re: [Exim] SPF
Dennis Davis <D.H.Davis@???> wrote:
>
>The last time I looked it badly broke mail forwarding. I regard
>that as unacceptable, especially as it was possible to construct
>scenarios where innocent third parties got clobbered. There are
>other disadvantages, many of which have been aired on this list.


It's a big problem here too. I'm slightly dismayed at the popularity
of SPF.

However, I think it may be possible to accommodate traditional forwarding
in an SPF world, with a little modification. If you VERP the return-path
when a message is forwarded, you can then send the bounce to the message's
originator (as with traditional forwarding) rather than losing it as
with naive implementations of SPF. You have to be very careful of the
implementation of the VERP: it must be nestable, to accommodate multiple
forwardings; and it must be unforgeable (e.g. using a cryptographic MAC),
so that it can't be used to relay spam like the % hack.

Tony.
--
f.a.n.finch <dot@???> http://dotat.at/
FISHER: NORTHWESTERLY 5 TO 7, OCCASIONALLY GALE 8, BECOMING VARIABLE 4. SNOW
SHOWERS. MODERATE.