Autor: David Woodhouse Data: Para: Mailing List belonging to precisely one Exim User Assunto: Re: [Exim] Fixing SPF Forward Problem by Reply-to: Hack?
On Sun, 2004-03-21 at 14:02 -0500, Greg A. Woods wrote: > Unfortunately the problem with forged sender addresses isn't stopping
> any attempts of receiving fake mail claiming to be from you, it's
> stopping many millions of other servers from receiving messages using
> your address or any addresses in your domain that you didn't send so
> that they don't feel they have to generate a new bounce message and send
> it back to your server if the recipient address they accepted turned out
> to be invalid.
Actually I don't care about that. If my address was faked as a sender
address, and a bounce is created by one of these broken servers, then my
machines reject it. Unless, that is, one of the time-limited,
hash-signed addresses is used by the spammer as the reverse-path. Which
is unlikely.
But I don't claim that this is _useful_. I'm pointing out that my
solution is at least as useful as SPF, and hence we don't need to accept
the breakage of SPF -- whether we think SPF actually buys us anything or
not.