[Mimedefang] Deadline for SPF records
Ben Kamen
bkamen at benjammin.net
Tue Aug 10 15:27:43 EDT 2004
Richard Laager wrote:
>
> Example:
>
> Let's say that I work for a hypothetical ACME Widgets, Inc. My e-mail
> address is sales at acmewidgets.com. A potential customer,
> bob at example.com, tries to send me an e-mail message from his laptop
> using a public access point in his hotel. The network he's on is not
> listed as an allowed relay for example.com, according to their SPF
> record. My administrator (at acmewidgets.com) is honoring SPF
> records. What happens?
That's just it - if your sales guy is at hotel with his laptop, he could use
AUTH/STARTTLS and actually relay through his company's mail server. Thus the
email from sales at acmewidgets.com would be delivered by mail.acmewidgets.com to
where it needed to go... SPF would be valid. This no bounce at the destination.
So the second part below wouldn't even be an issue.
> If the people at example.com have setup their SPF record to say that
> mail from unlisted networks should be bounced, the message will be
> bounced. If they've said it should be subject to additional checks,
> but not outright rejected, it will be accepted and the SpamAssassin
> score increased. The behavior is exactly per their setup.
-Ben
More information about the MIMEDefang
mailing list