|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: SPF is fundamentally broken
From: Alex van den Bogaerdt (alex
ergens.op.het.net)
Date: Mon Jan 12 2004 - 10:35:53 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Mon, Jan 12, 2004 at 05:15:40PM +0100, Pierre Beyssac wrote:
> On Mon, Jan 12, 2004 at 05:04:38PM +0100, Alex van den Bogaerdt wrote:
> > On Mon, Jan 12, 2004 at 10:46:32AM -0500, Victor.Duchovnimorganstanley.com wrote:
> > I'm with you on the SRS opinion. However, I welcome SPF.
> >
> > What is wrong with taking the letter out of the envelope, putting it
> > in another envelope and forward it using _your_own_ envelope?
>
> That's pretty simple, everyone administering a site with users using
> procmail to provide them with a supposed equivalent to .forward
> know that this causes *bounce loops* if the envelope from is set
> to the user for which the procmailrc was processed and the destination
> address bounces (if the envelope from is set to anyone else, the
> bounce is lost, which is not much better).
This is no different than when this same users sends a message to
the other side. If this creates bounce loops, the setup is flawed.
"B" has set a forward to "C" and "C" has a problem. Situations:
1) A sends to B, B forwards to C
2) A sends to B, B recreates a message and sends to C
3) B sends a message to C
situation 1: A gets the bounce. A cannot fix it
situation 2: B gets the bounce. See below
situation 3: B gets the bounce. See below
If the bounce is being forwarded again, the problem is the same.
This has nothing to do with A sending a message or not.
> > This, or alternatively, putting the entire package including the
> > original envelope in another envelope.
>
> Same problem: who do you send bounces to? At least the emitter has
> to be notified of these some way or another.
If C bounces the mail, let B forward it to A. With sufficient
checking, and with using that extra envelope, it would come down on:
1: receive the bounce.
2: strip the envelope (the one from "C" containing the letter from "A")
3: find yet another envelope
4: bounce this envelope back to its sender
If "B" has taken care to accept a message from "A" after making sure
it really was "A", and if "B" has taken care to make sure the bounce
from "C" is for real, "B" can forward the bounce to "A".
"A" wants to know it was impossible to reach the user behind "B",
not the user behind "C". If I send something to "B", I do not expect
nor do I desire a message saying it was impossible to deliver something
to "C". I'll probably think it is spam, or the result of spam being
sent impersonating me.
Alex
--
begin sig
http://www.googlism.com/index.htm?ism=alex+van+den+bogaerdt&type=1
This message was produced without any <iframe tags
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]