Hi --
Forgive me if this has been talked about; I took a quick look in the
mailing list and didn't see this, exactly.
I've adopted SPF, and am in the process of converting some people from
forwarded accounts (say, those who use "vanity" domains but really forward
to their day-to-day hotmail/aol accounts) to actual real SMTP/POP
accounts.
However, some are not convertable for human reasons, and I have an idea
I thought I'd raise to the list.
For those that don't know much about SPF (
http://spf.pobox.com) I will
briefly state the problem. THIS PROBLEM MAY AFFECT YOU whether you adopt
SPF or not, since SPF is currently being adopted by thousands of server
administrators.
Here's the scenario:
#1. My ISP is responsible for "mydomain.com".
#2. One of my customers has a forward of "bob@???" to
"bob@???".
#3. Bob is contacted from "someone@???".
#4. theirdomain.com and freemailprovider.com have adopted SPF.
So, the mail flows as such:
someone@??? -> bob@???
mydomain.com forwards this mail to bob@???
The problem is that freemailprovider.com, having adopted SPF, checks to
see who's responsible for @theirdomain.com addresses. It matches this
against mydomain.com's mail server, and makes the decision that THIS
MESSAGE IS SPOOFED because it didn't come from one of theirdomain.com's
mail servers.
Now, there are solutions to mangle the addresses into the old-school
SMTP # notation, but I think that's ugly.
Here's what I'd like to do:
#1. I specify bob@??? as an exception that needs to go through
a special header rewrite process. It isn't applied to all at
mydomain.com, just bob@???.
#2. When a message comes in for bob@???, I want the From:
header to be forced to super-postmaster@???.
#3a. If there's a Reply-to: header, I want the original From: header to
be placed in X-Original-From (or something like that).
#3b. If there isn't a Reply-to: header, I want the original From: to be
placed in the Reply-to: header.
I am not an SMTP guru, but have used it for years, so perhaps there's
something I'm missing. I also am new to SPF. However, this seems like a
relatively safe way to make sure that a forward gets delivered.
Users will have to be educated to know not to reply back to
super-postmaster@???, and I might put an auto-answer there to
tell them they have to use the Reply-to: address. The Pine e-mail client
routinely asks if I want to send to the From: or Reply-to: but I'm not
familiar with Eudora/Outlook/et al.
I look to see any (a) technical solutions in terms of exim
configuration, and/or (b) pointers to documentation or examples to get me
on my way (RTFM away!), and/or (c) encouragement/criticism on this
approach.
Thanks!
-- Justin