[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: @debian.org email forwarding and SPF

* Jeroen van Wolffelaar (jeroen@wolffelaar.nl) wrote:
> On Wed, May 19, 2004 at 02:14:56PM -0400, Eric Dorland wrote:
> > * Marco d'Itri (md@Linux.IT) wrote:
> > > On May 19, Andrew Pollock <apollock@debian.org> wrote:
> > > 
> > > > > And let's hope it will continue this way, SPF is a solution looking for
> > > > > a problem.
> > > > Please elaborate.
> > > SPF for minor gain breaks too many useful features of email, like being
> > > able to use the mail server of your ISP for all your mail (which is what
> > > we have been telling users to do in the last years) or easily forward
> > > mail.
> > > And again, deployment of SPF will not prevent or significantly reduce
> > > spamming.
> > 
> > SPF does not prevent you from doing any such thing. You merely have to
> > make sure that the envelope from address on the mail you send through
> > your ISP is your email at your ISP. Eg if your isp is bigisp.com, then
> > your envelope from needs to be somedude@bigisp.com.
> 
> Err, suppose that:
> - I have some ISP that only provides webmail -- now I need to go look
>   there for bounces?

If they only run webmail and don't allow you to forward your mail?
Switch ISPs or run your own mail server... if your ISP is that brain
dead you've got bigger problems. 

> - I don't want bounces to go to some other box than my real replies

Why wouldn't you want this, besides wanting to be difficult?

> - I have multiple people using email, using different accounts on my own
>   server. But I have only one emailadress with my ISP. So now all
>   bounces must be shared by everybody?

If your ISP supports address extensions you could do it that
way. Otherwise you're out of luck, use SMTP auth on a different mail
server.

> - I have an ISP that doesn't provide email at all?

I assume you mean they don't provide incoming SMTP.

Well in that case you have to use SMTP AUTH to send mail to a server
you presumably have an account on. SPF says you may have to do this in
a lot of cases.

> Setting the envelope to your ISP isn't always feasable -- the envelope
> is for bounces, and one sometimes does not want bounces to go to one's
> ISP. 
>
> In my own case, my ISP doesn't even provide email (everybody is supposed
> to use university mail or the like, but we _do_ have an outgoing SMTP
> server).

Unfortunately the reality today is that SMTP is too permissive, so we
have forged addresses in spam and backscatter. SPF is a solution to
these problems but of course things become less permissive. I'm
willing to accept some restrictions if it means we can help eliminate
the larger nuisances.

-- 
Eric Dorland <eric.dorland@mail.mcgill.ca>
ICQ: #61138586, Jabber: hooty@jabber.com
1024D/16D970C6 097C 4861 9934 27A0 8E1C  2B0A 61E9 8ECF 16D9 70C6

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS d- s++: a-- C+++ UL+++ P++ L++ E++ W++ N+ o K- w+ 
O? M++ V-- PS+ PE Y+ PGP++ t++ 5++ X+ R tv++ b+++ DI+ D+ 
G e h! r- y+ 
------END GEEK CODE BLOCK------
Reply to: