[Mimedefang] Deadline for SPF records
Steffen Kaiser
skmimedefang at smail.inf.fh-bonn-rhein-sieg.de
Thu Aug 12 03:33:57 EDT 2004
On Tue, 10 Aug 2004, Cor Bosman wrote:
> I mean, one of your customers (employees, whatever) sending email through
> your server using validusername at hotmail.com (basically their own hotmail
> account).
They can in the From: header, but in the envelope your MTA is to ensure
that DSNs have a valid return address, hence, the envelope must be some
local account.
> Sure, but if they are sending themselves (and have for years) and suddenly
> people are implementing SPF and we dont list their dynamic dialup host
> as a valid senderhost, their mail will be suddenly rejected.
Yup. That's is what happening now already, because of DUL blacklists.
Do you participate in some SourceForge projects? I do. And I painfully
noticed that I cannot run those mails through my mail server at home.
> Yeah, they could/should use our mailserver, but im just trying to say
> implementing SPF has a _lot_ of side effects.
Too much, for what I see currently.
> Plaintext, you need to use SSL. How do you 'make' them use authentication?
Turn off non-authentificated access.
> You dont control if they decide to use the hotspot's email smarthost, or
> use software that does the delivery itself. If you publish SPF records,
> then their email will be rejected. Maybe not such a big deal in your
> case, but im sure we have thousands of customers emailing with our
> domain name from remote locations not using our mailservers.
That is one problem of the current SPAM. Because legit mail may flow in
non-signed and from any host. If anyone would use PGP or S/Mime, there
would be no forged senders, if one would use a confirm-style certificate
check-in mechanism (like when you join a mailing list that sends back a
message to your mail account to verify that a) the address really exists
and b) you are the particular person that initiated the join) -- at least
not forged in the sense "there is an existing mailbox", as one could
allocate easily one at any freemail (web) hoster,
Bye,
--
Steffen Kaiser
More information about the MIMEDefang
mailing list