Autore: Peter Bowyer Data: To: exim users Oggetto: Re: [exim] SPF feature would be more useful if
On 19 July 2010 16:56, Graeme Fowler <graeme@???> wrote: > On Mon, 2010-07-19 at 08:19 -0700, Marc Perkel wrote:
>> Although received headers can be forged, it is unlikely most spammers
>> would do so Spammers would have to make SPF calls to do the forgery and
>> that would be to expensive bandwidth wise. What I'm thinking is
>> preventing false positives due to email forwarding.
>
> You are Miss De Point and I claim my five pounds :)
>
> Received headers are routinely forged in spam. It costs the spammer
> nothing. It would cost you a lot to test against them.
>
> The *only* Received: header you should trust is that added by your own
> MTA.
>
> It's also worth saying that in SPF terms "false positives due to email
> forwarding" aren't false positives at all, they are messages which do
> not adhere to the published policy. That's the sender's problem, not
> yours (as the "recipient").
>
> If you're going to do this sort of check (which is ignoring the sending
> domain's published policy), why bother doing SPF checks at all?
Actually I can kind-of see the point here... given a trusted forwarder
who doesn't check SPF, and therefore breaks it sometimes, it might be
useful to put yourself in their shoes and do their inbound SPF check
for them after the fact - and assuming you trust the original sender,
you can trust the otherwise-broken forwarding.
