On Tue, 11 Oct 2011 15:49:36 +0200, Matus UHLAR - fantomas wrote:
such forwarding will break SPF iff the forwarder does not change the
mail from: address, and in such case it FAKES the return path, since
it's not the original sender who sent the mail, it's the recipient.
On 11.10.11 20:55, Benny Pedersen wrote:
it breaks dkim if anything is changed, this is not fud
Well,
- SPF is not DKIM
- DKIM is broken if someone changes the mail content, not the envelope
address.
according to some discussions the DKIM seems to have problems with mail
reformatting by courier MTA. Maybe the specification could be relaxed
to case insensitive checking of headers...
Whoever wishes to get mail forwarded through mailbox that does not
this kind of rewriting, should configure the forwarder as
trusted/internal for this case.
only trusted_network for the forwarding mta is needed to make spf work
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Silvester Stallone: Father of the RISC concept.
