On Wed, Dec 9, 2020 at 11:29 PM Thomas Walter via mailop <mailop@mailop.org> wrote:
> Hey Brandon, > > On 09.12.20 00:55, Brandon Long via mailop wrote: > > > > On Tue, Dec 8, 2020 at 1:31 AM Paul Smith via mailop <mailop@mailop.org > > <mailto:mailop@mailop.org>> wrote: > > If you're forwarding to your own company's mail server, then it > should > > be easy to have that forwarding work with SPF, and if you're > forwarding > > to someone like gmail, then, to be honest, it should be relatively > > trivial for them to *USE* SPF to allow forwarding to them. I could > tell > > Google to allow a specific domain to forward to me (the domain of the > > forwarder), and they use the SPF record for that domain to validate > the > > IP addresses that can then forward and override other SPF checks. > > > > > > That feature was on my backlog at Gmail for a long time, but never high > > enough priority > > to get off it... now it would probably use ARC instead unless that > > becomes a pipe dream, > > at least theoretically with ARC we could just learn it and not worry > > about the user interface > > and confusing users. > Interested question: Your systems could learn something like that too? > > If a number of emails come in to the same recipient with "failing" SPF > from the same host(s)/domains it is probably a forwarder to that recipient? > We have some things that we use for trying to learn forwards, but they are far from perfect. ARC would be a much cleaner signal and one we'd likely put more effort into due to it's need for DMARC and mailing lists. With ARC, we wouldn't need to learn of the forwarding, but we would need to determine whether we want to trust a given forward. Brandon
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop