On Tuesday 03 April 2007 16:40, Benny Pedersen wrote: > On Sun, March 11, 2007 14:31, Justin Mason wrote: > > at others, forged to appear to be from them. It's the obvious response > > to SAV, which is one reason why we never implemented something like that > > in SpamAssassin. > > if more mta reject from spf then it was not that a big problem, but spf > braks forwarding, or is it users that breaks spf ? :(
SPF doesn't break forwarding if employed carefully. Mail isn't forwarded
totally randomly; in sane configurations a user U tells a system A to forward
his mail to system B. If B wants to enforce SPF, they have to allow U to tell
them about this forwarding, so that an exception can be made. A relatively
secure and not too user-unfriendly way of doing this could be with special
addresses on this form: user+forwarded-(secret)@domain.example.
--
Magnus Holmgren [EMAIL PROTECTED]
(No Cc of list mail needed, thanks)
"Exim is better at being younger, whereas sendmail is better for
Scrabble (50 point bonus for clearing your rack)" -- Dave Evans
pgpIwKM9KM6H7.pgp
Description: PGP signature
