Re: Tool for validating sender address as spam-fighting technique?

[Benny Pedersen <me...@junc.org>]

On Sun, March 11, 2007 14:31, Justin Mason wrote:

> at others, forged to appear to be from them.  It's the obvious response to
> SAV, which is one reason why we never implemented something like that in
> SpamAssassin.

if more mta reject from spf then it was not that a big problem, but spf braks
forwarding, or is it users that breaks spf ? :(

-- 
This message was sent using 100% recycled spam mails.

Re: Tool for validating sender address as spam-fighting technique?

[Magnus Holmgren <ho...@lysator.liu.se>]

On Tuesday 03 April 2007 16:40, Benny Pedersen wrote:
> On Sun, March 11, 2007 14:31, Justin Mason wrote:
> > at others, forged to appear to be from them.  It's the obvious response
> > to SAV, which is one reason why we never implemented something like that
> > in SpamAssassin.
>
> if more mta reject from spf then it was not that a big problem, but spf
> braks forwarding, or is it users that breaks spf ? :(

SPF doesn't break forwarding if employed carefully. Mail isn't forwarded 
totally randomly; in sane configurations a user U tells a system A to forward 
his mail to system B. If B wants to enforce SPF, they have to allow U to tell 
them about this forwarding, so that an exception can be made. A relatively 
secure and not too user-unfriendly way of doing this could be with special 
addresses on this form: user+forwarded-(secret)@domain.example.

-- 
Magnus Holmgren        holmgren@lysator.liu.se
                       (No Cc of list mail needed, thanks)

  "Exim is better at being younger, whereas sendmail is better for 
   Scrabble (50 point bonus for clearing your rack)" -- Dave Evans