Re: [exim] SPF Feature - Walk Received header

On 07/05/2009, Marc Perkel <marc@???> wrote:
>
>
> Peter Bowyer wrote:
> On 07/05/2009, Marc Perkel <marc@???> wrote:

> I'm not currently using SPF but I thought of a feature that mught make
SPF
> useful. If there were a test that checked all the received lines
> and
returned true if any host matched the SPF record it might eliminate
> the
forwarding issue that SPF breaks.

> That would leave a gaping barn-door-sized hole in SPF - a forger could
look
> up the SPF record for the domain he was forging, and add a forged
Received
> header claiming the message had been originated correctly.

I guess you
> could apply this rule to a small whitelist of trusted
forwarders, though.
> But those people should be using SPF/SRS
themselves (mine do).

Peter


>
> Granted that a spammer could forge received headers. Most don't.

Eh? Have you looked at many spam samples lately? Or in the last 10 years?

> I'm
> thinking that not bouncing forwarded email is better than the few spammers
> who sneak through.

Not spammers - forgers. Providing a way to defeat an anti-forgery
mechanism wouldn't be my choice. But hey, if that's what you want....


--
Peter Bowyer
Email: peter@???
Follow me on Twitter: twitter.com/peeebeee