Re: SRS in Postfix

From: Wietse Venema (wietseporcupine.org)
Date: Thu Apr 17 2008 - 07:45:00 CDT


Aneurin Price:
> On 4/17/08, Wietse Venema <wietseporcupine.org> wrote:
> > Aneurin Price:
> >
> > > Hello all,
> > >
> > > I've been searching for a way to get Postfix to perform SRS, and it
> > > looks like it's not currently possible, but I'd like to check if this
> > > is the case.
> > >
> > > It seems that SPF and SRS implementations are completely separate
> > > (which makes sense as they do completely different things, but still
> > > surprised me a little as I would have expected SRS to be more or less
> > > required if you want to use SPF). Unfortunately, although there are
> > > SPF implementations compatible with Postfix, it doesn't look like
> > > there are any for SRS.
> > >
> > > All the talk about it seems to say things like 'in development' or
> > > 'sort of works if you patch some old version', but then I've not found
> > > too much recent information, so could anyone summarise the current
> > > situation vis-a-vis SRS in Postfix?
> >
> > Postfix implements SPF, SenderID, DKIM and DomainKeys only via
> > non-Postfix software (milters, smtp-based content filters).
>
> Should the absence of SRS from that list be taken to mean that it is
> not implemented at all, even using a milter?

SRS can be done today with an SMTP-based content filter. I don't
know if someone has taken this approach.

An alternative is to use the Milter plug-in interface. However,
this would have to wait until "replace envelope sender" support
(introduced with Sendmail 8.14) has been implemented in Postfix.

> I assume that's the case,
> based on http://www.openspf.org/SRS, which states that "Postfix
> doesn't support a plugin interface that can do SRS, but there is a
> source patch for libsrs2". Additionally, libsrs2 apparently is broken
> with recent versions of Postfix, and was only ever a development
> version.
>
> I was really hoping that this would turn out to be out of date, but I
> suppose I'll have to think of something else.
>
> A pity because the solution described in the page linked in my
> original mail seems like it would be something of a magic bullet for
> my current problem, allowing accurate automatic discernment of real
> bounces from backscatter.

There is no magic bullet. Solutions like SRS and BATV depend on
RFC-compliant behavior of remote MTAs (send mail from <> to envelope
sender address). Other solutions have other limitations, and what
works best is often a combination.

        Wietse
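
The SRS mechanism discussed in this thread, as an added example that is not part of the original messages and is not Postfix or libsrs2 code: a forwarder rewrites the envelope sender into an SRS0-style address carrying a keyed hash and a day stamp, then accepts a bounce only if its recipient verifies. The secret, the forwarder domain, the 21-day window and the 8-hex-character tag are assumptions made for illustration, and the result is not interoperable with libsrs2.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-secret"  # constructed value; a real key stays private
FORWARDER = "forwarder.example"      # hypothetical forwarding domain
MAX_AGE_DAYS = 21                    # assumed validity window for bounces
B32 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"

def _stamp(day):
    """Two base32 characters encoding the day number modulo 1024."""
    day %= 1024
    return B32[day >> 5] + B32[day & 31]

def _tag(stamp, domain, local):
    """Truncated HMAC over the fields a genuine bounce returns unchanged."""
    msg = "=".join((stamp, domain, local)).lower().encode()
    return hmac.new(SECRET, msg, hashlib.sha1).hexdigest()[:8]

def srs_forward(sender, day):
    """Rewrite an envelope sender so bounces come back via the forwarder."""
    local, domain = sender.rsplit("@", 1)
    stamp = _stamp(day)
    return f"SRS0={_tag(stamp, domain, local)}={stamp}={domain}={local}@{FORWARDER}"

def srs_reverse(rcpt, day):
    """Return the original sender for a valid bounce recipient, else None."""
    local_part, _, dom = rcpt.rpartition("@")
    if dom.lower() != FORWARDER or not local_part.upper().startswith("SRS0="):
        return None                      # not an address we generated
    fields = local_part[5:].split("=", 3)
    if len(fields) != 4:
        return None
    tag, stamp, domain, local = fields
    s = stamp.upper()
    if len(s) != 2 or any(c not in B32 for c in s):
        return None
    if not hmac.compare_digest(tag.lower().encode(), _tag(s, domain, local).encode()):
        return None                      # forged or altered: treat as backscatter
    then = B32.index(s[0]) * 32 + B32.index(s[1])
    if (day - then) % 1024 > MAX_AGE_DAYS:
        return None                      # stamp too old: replayed address
    return f"{local}@{domain}"

if __name__ == "__main__":
    fwd = srs_forward("alice@origin.example", 14000)  # constructed sample input
    print(fwd, "->", srs_reverse(fwd, 14003))
```

As the reply above points out, this check only helps when the remote MTA sends its bounce from <> to the rewritten envelope sender address.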