Re: [exim] SPF Feature - Walk Received header

Peter Bowyer wrote:
> On 07/05/2009, Marc Perkel <marc@???> wrote:
>
>> Peter Bowyer wrote:
>> On 07/05/2009, Marc Perkel <marc@???> wrote:
>>
>
>
>> I'm not currently using SPF but I thought of a feature that mught make
>>
> SPF
>
>> useful. If there were a test that checked all the received lines
>> and
>>
> returned true if any host matched the SPF record it might eliminate
>
>> the
>>
> forwarding issue that SPF breaks.
>
>
>> That would leave a gaping barn-door-sized hole in SPF - a forger could
>>
> look
>
>> up the SPF record for the domain he was forging, and add a forged
>>
> Received
>
>> header claiming the message had been originated correctly.
>>
>
> I guess you
>
>> could apply this rule to a small whitelist of trusted
>>
> forwarders, though.
>
>> But those people should be using SPF/SRS
>>
> themselves (mine do).
>
> Peter
>
>
>
>> Granted that a spammer could forge received headers. Most don't.
>>
>
> Eh? Have you looked at many spam samples lately? Or in the last 10 years?
>
>
>> I'm
>> thinking that not bouncing forwarded email is better than the few spammers
>> who sneak through.
>>
>
> Not spammers - forgers. Providing a way to defeat an anti-forgery
> mechanism wouldn't be my choice. But hey, if that's what you want....
>
>
>

I'm thinking that forgers would be less of a problem that false
positives produced by forwarded email. I'm more concerned about false
positives which are far more common under SPF.