Re: [Exim] Fixing SPF Forward Problem by Reply-to: Hack?

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: David Woodhouse
Data:  
Para: Mailing List belonging to precisely one Exim User
Assunto: Re: [Exim] Fixing SPF Forward Problem by Reply-to: Hack?
On Sun, 2004-03-21 at 14:02 -0500, Greg A. Woods wrote:
> Unfortunately the problem with forged sender addresses isn't stopping
> any attempts of receiving fake mail claiming to be from you, it's
> stopping many millions of other servers from receiving messages using
> your address or any addresses in your domain that you didn't send so
> that they don't feel they have to generate a new bounce message and send
> it back to your server if the recipient address they accepted turned out
> to be invalid.


Actually I don't care about that. If my address was faked as a sender
address, and a bounce is created by one of these broken servers, then my
machines reject it. Unless, that is, one of the time-limited,
hash-signed addresses is used by the spammer as the reverse-path. Which
is unlikely.

But I don't claim that this is _useful_. I'm pointing out that my
solution is at least as useful as SPF, and hence we don't need to accept
the breakage of SPF -- whether we think SPF actually buys us anything or
not.

--
dwmw2