Re: [exim] SPF Feature - Walk Received header

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Peter Bowyer
Data:  
Para: exim users
Asunto: Re: [exim] SPF Feature - Walk Received header
On 07/05/2009, Marc Perkel <marc@???> wrote:
> I'm not currently using SPF but I thought of a feature that mught make
> SPF useful. If there were a test that checked all the received lines and
> returned true if any host matched the SPF record it might eliminate the
> forwarding issue that SPF breaks.


That would leave a gaping barn-door-sized hole in SPF - a forger could
look up the SPF record for the domain he was forging, and add a forged
Received header claiming the message had been originated correctly.

I guess you could apply this rule to a small whitelist of trusted
forwarders, though. But those people should be using SPF/SRS
themselves (mine do).

Peter

--
Peter Bowyer
Email: peter@???
Follow me on Twitter: twitter.com/peeebeee