[Mimedefang] How to change envelope sender?

Benoit Panizzon benoit.panizzon at imp.ch
Mon May 6 03:23:55 EDT 2013

> > Backscatter for the most part is not a problem because it has a simple
> > solution:  Message source authentication, with varying implementations
> > and degrees of success - SPF, DKIM, MTX, PGP-signatures, etc.
> Various degrees of failure would be a better description....


It good that there are attempts to solve the problem.

SPF is fine so far, as the sender can decide how to block. But there are 
problems with forwardings if you don't use SRS.
SRS is not yet built in MTA products as afaik it's not RFCed yet.
For Sendmail there is an ugly socketmap solution.
For Postfix you would need a milter or similar.
Qmail has a pretty solution, but Qmail itself is imho just broken.
Exim, I don't know.

DKIM. Yeah, clever idea to sign the headers so the recipient can check the 
email was not altered and reject it if there is no signature (what you need to 
do if you want reject emails with forged from address) or those headers were 
But: There are Mailinglists, like this very MIMEDefang List. Guess what, 
Subject and Reply-To Headers are signed, but they are altered by mailman. If a 
DKIM Signed email is sent over the Mimedefang Mailinglist and I would enable 
DKIM on my MTA, I would reject such emails. So DKIM realy is a NoGo!

PGP is fine. But how would you filter spam with PGP unless everyone is using 
PGP Signatures? And that is never going to happen, so you still have to accept 
unsigned emails, including spam.

MTX? I will have to look up what that is.

Well until now I don't know any solution that works flawlessly. SMTP was just 
designed with a couple of flaws and we have to work around the one kind or the 
other and try not to break too much.

Mit freundlichen Grüssen

Benoit Panizzon
I m p r o W a r e   A G    -    

Zurlindenstrasse 29             Tel  +41 61 826 93 07
CH-4133 Pratteln                Fax  +41 61 826 93 02
Schweiz                         Web  http://www.imp.ch

More information about the MIMEDefang mailing list