Re: [exim] Anti Phishing Trick

Pàgina inicial
Delete this message
Reply to this message
Autor: Nigel Metheringham
Data:  
A: exim-users
Assumpte: Re: [exim] Anti Phishing Trick
On Tue, 2005-08-30 at 11:51 +0200, David wrote:
> > As far as I can see, forwarding DOES break. Suppose a server A sends a
> > message from domain X to a server B, which is not configured to use SPF.
> > Server B accepts the message, but the user at server B forwards the
> > message to server C. Server C is into SPF, so it checks to see if server
> > B is permitted to send messages from domain X; it isn't, so server C
> > rejects the message. I call this broken.
>
> Please remember that if that is the case then the owner of the domain X
> has published a SPF record that clearly states that email for domain X
> must only be accepted from authorized servers. The only broken thing
> here is the policy of domain X, domain X could publish a softfail policy
> and mail from domain X will be never rejected, no matter the amount of
> forwarding servers the email has passed through.


Which means *everyone* except for very very small closed groups, has to
use softfail policy - ebay, amazon, the banks etc etc because they don't
have control of what legitimate recipients do with their mail.

So its absolutely zero use at all. Its broken. Its dead. Only the
idiots care about SPF any more.

Talking about SPF is not just beating a dead horse, the thing has been
pulped into nothingness and then fossilised.

So can we just drop the whole thing on this list before I start
expressing my real opinion on the matter and having to put a BBFC rating
on the list....

    Nigel.
-- 
[ Nigel Metheringham           Nigel.Metheringham@??? ]
[ - Comments in this message are my own and not ITO opinion/policy - ]