> > Looks vaguely like they're running SRS (so presumably SPF?). If they
> > are, does this necessarily mean their servers are broken?
>
> But what I understand from SRS is, that (for some limited period of
> time, mostly at least some days) they should expect bounces for the
> SRS-generated address.
>
> Or did I miss some important point?
That's pretty much the way I understand it.
SRS has two goals, I think: (1) to use a reverse-path where the domain part is
"local" to the sending system (this helps with SPF checks); and (2) to ensure
that the whole reverse-path is valid, and maps back to the original sender.
They appear to have achieved (1); (2) is achieved only for replies with a
non-null sender, which kind of defeats the whole purpose, because any replies
sent to reverse-paths are always sent with a null sender.
Until this thread started, I hadn't spotted that their reverse paths were
valid when used with a non-null sender. However that somewhat goes against
RFC2821,
All other types of messages (i.e., any message which is not required
by a standards-track RFC to have a null reverse-path) SHOULD be sent
with with a valid, non-null reverse-path.
--
Dave Evans
Power Internet
PGP key:
http://powernet.co.uk/~davide/pgpkey
