A little more inforation: ringsurf set the mail from to the
womenwithauniquesoul.com
domain, whose SPF record (which I control) does not allow sending from the
SMTP server that ringsurf uses to send mail.
This is issue with ringsurf, and I suspect it is an issue with most server
software which sends email.
It would be interesting to see if the same issue exists in webring
and bravenet.
Now, I control the SPF record of this domain and could (and probably
will) change it to allow sending from this domain. But others
will run into the issue and will not be willing, or will be
unable, to make this kind of change.
FYI; this is the section from rfc 821 on smtp (the official internet
document on the SMTP standard):
There are three steps to SMTP mail transactions. The transaction
is started with a MAIL command which gives the sender
identification. A series of one or more RCPT commands follows
giving the receiver information. Then a DATA command gives the
mail data. And finally, the end of mail data indicator confirms
the transaction.
The first step in the procedure is the MAIL command. The
<reverse-path> contains the source mailbox.
MAIL <SP> FROM:<reverse-path> <CRLF>
This command tells the SMTP-receiver that a new mail
transaction is starting and to reset all its state tables and
buffers, including any recipients or mail data. It gives the
reverse-path which can be used to report errors. If accepted,
the receiver-SMTP returns a 250 OK reply.
The <reverse-path> can contain more than just a mailbox. The
<reverse-path> is a reverse source routing list of hosts and
source mailbox. The first host in the <reverse-path> should be
the host sending this command.
The key line is the last one: MAIL FROM should be the HOST email address
(the mail host), not the email address of the sender. And that's
what SPF is validating.
Later in the RFC, it is stated that the MAIL FROM is where errors
are sent to. This appears to be the way that most scripts have
interpreted the MAIL FROM and why it is often set to the mail
address of the sender, not the sending server.
Richard
-----Original Message-----
From: ringlink-open-bounces@xxxxxxxxxxxxxxx
[mailto:ringlink-open-bounces@xxxxxxxxxxxxxxx] On Behalf Of
RICH@xxxxxxxxxxxxxxx
Sent: Monday, November 01, 2004 4:55 AM
To: list@xxxxxxxxxxxx
Subject: RE: [RLopen] Email notifications and SPF
Well, an interesting thing happened today - an email from
ringsurf acknowledging the activation of a ring was rejected
due to a spf policy violation. It appears that ringsurf sets
the MAIL FROM to the email of the ring owner, and that was
not allowed by an SMTP server. The message was fatally rejected.
I was surprised to find that the spf record is already
being enforced.
Reporting-MTA: dns; p2.ezd3.com
Received-From-MTA: DNS; localhost
Arrival-Date: Mon, 1 Nov 2004 04:11:13 -0500 (EST)
Final-Recipient: RFC822; (removed)
Action: failed
Status: 5.0.0
Diagnostic-Code: SMTP; 554 refused mailfrom because of SPF policy
Last-Attempt-Date: Mon, 1 Nov 2004 04:11:19 -0500 (EST)
Richard