Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling
 
PerlMonks  

Re: Re: Re: Re: Re: SPF for Perl Monks domains

by rob_au (Abbot)
on May 15, 2004 at 19:07 UTC ( #353665=note: print w/ replies, xml ) Need Help??


in reply to Re: Re: Re: Re: SPF for Perl Monks domains
in thread SPF for Perl Monks domains

The domain's SPF record is like: v=spf1 a:primary-mx a:forwarding-mx -all

This configuration only allows mail to be sent for the domain from the specified hosts primary-mx and forwarding-mx - It does nothing for mail from other domains which may be forwarded through the host forwarding-mx. For forwarded mail to be correctly received, the SMTP envelope must be rewritten.

 

perl -le "print unpack'N', pack'B32', '00000000000000000000001011010111'"


Comment on Re: Re: Re: Re: Re: SPF for Perl Monks domains
Select or Download Code
Re: Re: Re: Re: Re: Re: SPF for Perl Monks domains
by Juerd (Abbot) on May 15, 2004 at 20:57 UTC

    other domains

    What do other domains have to do with it? I'm confused.

    Juerd # { site => 'juerd.nl', plp_site => 'plp.juerd.nl', do_not_use => 'spamtrap' }

      Assume we have the domain example.com with the SPF zone file entry of v=spf1 a:192.168.0.1 a:192.168.0.2 -all. This configuration would specify that the hosts 192.168.0.1 and 192.168.0.2 and no others are allowed to send mail from the domain example.com. As per your previous post, the host 192.168.0.1 is also the primary mail exchanger for this domain - Any mail however which is forwarded from this mail exchanger will not have the SMTP envelope sender address of the domain example.com but rather that of the original sender domain.

      As such, if the secondary mail server, to which mail is forwarded from 192.168.0.1 is SPF aware, the incoming mail from 192.168.0.1 may be considered to be illegitimate because the SMTP envelope sender address is not of the domain example.com but rather the original sender domain. As such, when forwarding mail under SPF, the SMTP envelope sender address (or return path) must be re-written in order to ensure delivery - The requirement is described in the PDF document at http://spf.pobox.com/emailforwarders.pdf.

      Note that this issue is not unique to SPF - The Caller ID proposal from Microsoft requires modifications to the Sender header of forwarded mail messages in order not to break mail forwarding.

       

      perl -le "print unpack'N', pack'B32', '00000000000000000000001011011000'"

        Any mail however which is forwarded from this mail exchanger will not have the SMTP envelope sender address of the domain example.com but rather that of the original sender domain.

        Thank you for your very clear explanation. I was thinking only of outgoing mail, and for that, this is not a problem.

        Juerd # { site => 'juerd.nl', plp_site => 'plp.juerd.nl', do_not_use => 'spamtrap' }

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://353665]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (5)
As of 2014-10-22 02:53 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    For retirement, I am banking on:










    Results (112 votes), past polls