Re: [courier-users] breaking smtp

--===============0062238401==
Content-Type: multipart/signed; boundary="nextPart2601966.igNUKrFEjE";
protocol="application/pgp-signature"; micalg=pgp-sha1
Content-Transfer-Encoding: 7bit

--nextPart2601966.igNUKrFEjE
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

Hi.

Am Montag, 5. November 2007 schrieb Alessandro Vesely:
> > SPF can only get spread if the forwarding-problem gets solved. SRS is a
> > proposition for this but is not that accepted (see, courier doesn't
> > support it because Sam calls it broken (iirc)).
> IMHO forwarding is not a problem. Although I admit I had to amend a few
> scripts, typically adding a "-f simple-srs@example.com" in the relevant
> command line, where <simple-srs@example.com> is delivered to the person
> who can remove that command line (me, in my case).
>
> When a forwarding fails, I just remove it. If a DSN is required I send it
> manually. In facts, I have no automated methods to add forwarding rules.

Ehm, I won't call this a useful way to go. If you get more than a bounce a=
=20
week, this starts buggin', doesn't it? :)


> > So if one enforces SPF (or, rejects messages with failed SPF checks), he
> > relies on every one else implements SRS (or something similar) or breaks
> > regular forwarding to his host.
> Yes, people cannot illegally forward foreign messages. That is consistent
> with European privacy rules.

I think it's not.
=46orwards that are set up by the recipient shouldn't be illegal.=20
This problem is IMHO exactly what SRS tries to resolve. If one of my custom=
ers=20
forwards mail to his other account at some other company, the destination=20
server rejects my message because the sender's address is still set to the=
=20
original sender (that sent the message to me) and I am not listed as a vali=
d=20
sender for the sender's domain.=20
That's a really common scenario and requires that the forwarding mail serve=
r=20
rewrites the envelope sender to end up in his own domain that allows him to=
=20
send mail (SPF-wise).

But simply rewriting the sender breaks automatic bounce processing.

=46or sure, I could use some per-user-script outside the mail server that d=
oes=20
SRS (or any similar way) but that's not really easy to maintain.


> > SPF standalone doesn't really help anything.
> It helps the owner of a domain to avoid that others abuse of it.

And causes that his mail not to be forwarded if the destination is just a=20
forward to another host and the forwarder does no sender rewriting.

I meant "SPF without widespread SRS" when I wrote "SPF standalone".


> Its relevance as an anti-spam device is to force spammers to send from
> their own domains, so that receivers know where they may claim damages.
> (Which will only happen when all hosts have SPF records)

Absolutely, SPF should never be considered an anti-spam device. It was=20
developed as anti-forgery device and that's what it is.

In a world free of forged e-mail sender addresses, fighing spam is much eas=
ier=20
to do, but SPF does nothing against spam.

cu, Bernd

=2D-=20
Lautsprecher verst=E4rken die Stimme, aber nicht die Argumente.

--nextPart2601966.igNUKrFEjE
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.7 (GNU/Linux)

iQIVAwUARy+A4g0b18vi86Q/AQLLmA/+MYz4zYF9L7rf3iqq/oOkiQ1ZL9z9iYkm
vH97vbyf/pZ9YZniv02vZAEPmLGnE0W6zaMmcZKiCAbgMZUO7Is0DFbozqk srSjR
RamWKsCK9o0cG/0JIvGFEb+85NXd7VpEI3Xs9X4fe1bL04sUUf4M22u9gbErAaD/
DbiIvoaGUCR16hRMkwKn6WxmvldVlPv+yLnYsQ7dU34rlM9Xww QAiB6kym09+mIR
T0lt4eB9CYKtrDTjb+fumZTDO8iwSj+R55XfTLe5LvSEIuWah/EUDLq5oEf+xAj2
dD+q4Pz54YP6umT+QbPsAK4oAE1yyF5CcgVy7kdbANCYGePjT1 gRf7+nJxpAQYrM
bEfzuU07PcEF7Uj9xRz1igPs0zTqcmG4JHtCnGntvjnj41e4ea Td24fu7ULxXxT3
5Q5tIq74TuHRRMKaJrWUnZ3oSSBKQylSjuU1GmbWH0PxEM3l4j Mxk6yVBn+h6Wvn
x8uCLrOzEvhIZbgWIrskARLPwtJO4Dqwmcv9bQfZbQfKc2/huCoBmTtTQdvlvuvb
wC10w3aSN7ypo1Yl6IBBZn042bX3DJePmtPrd2DRF8UkHmd5ID hAz2pRBPlH2Tb7
W7M1dY0xmolYgKPIdUHiMGR3fIETermWluSROi+tQNNFrnZY4G Ttun/IWZx8sYqF
nlnwHk6F33Q=
=rMce
-----END PGP SIGNATURE-----

--nextPart2601966.igNUKrFEjE--


--===============0062238401==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
--===============0062238401==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/.../courier-users

--===============0062238401==--