Richard Lowe wrote:
Gunnar Hjalmarsson wrote:
if you are using the "SMTP option" in rlconfig.pm ... the MAIL FROM
equals the "From:". Up to now, I have considered that to be an
important advantage, since it means that possible bounces due to
invalid ring member addresses go to the ringmaster. As I mentioned
when starting this discussion, SPF may be a reason to reconsider
that solution.
One possibility would be to make the master admin address the MAIL
FROM address in all the messages. OTOH, for those ringmasters who
control their domains, it's fully possible to include the mail
server of the Ringlink system in respective SPF record.
One thought I have is to make Ringlink check for the SPF data of
the ringmaster address, and keep letting the ringmaster address be
the MAIL FROM address, except if an SPF check would result in
"fail" when sent from the mail server of the Ringlink system. In
case of the latter, Ringlink would fall back to make the master
admin address the MAIL FROM.
I don't know if that would be possible. If it would, do you think
that such a solution would make sense?
I think you should mail the MAIL FROM equal to the server name and
not try to make ringlink more complicated.
Note that it would only be more complicated behind the scenes. The idea
is to ensure that messages to valid addresses are delivered without
unnecessarily taking away the ability to have un-delivery messages go to
the address that makes most sense: the ringmaster address. Personally I
think the latter is an important feature. If you are of another opinion,
what's your reasoning behind it?
Maybe you have your interpretation of RFC 821 in mind when recommending
an address matching the sending mail server. I for one doubt that your
interpretation is correct. If you think about it, if that was a
requirement, there would be no need for SPF records. The purpose of such
records is just to map the MAIL FROM domain and the allowed mail
servers.
I do wonder if a mail from like:
MAIL FROM: <webmaster@xxxxxxxxxxxxxxxxxxxxxxxx>,<claudia@xxxxxxxxxxxxxxxxxxx>
Would work?
Don't think so.
The RFC seems to indicate that this would be valid...
RFC 821 is 22 years old, and about to(?) be replaced by the proposed
standard RFC 2821. This is an extract from the latter:
"The first step in the procedure is the MAIL command.
MAIL FROM:<reverse-path> [SP <mail-parameters> ] <CRLF>
This command tells the SMTP-receiver that a new mail transaction is
starting and to reset all its state tables and buffers, including any
recipients or mail data. The <reverse-path> portion of the first or
only argument contains the source mailbox (between "<" and ">"
brackets), which can be used to report errors"
+++
"Historically, the <reverse-path> can contain more than just a
mailbox, however, contemporary systems SHOULD NOT use source routing"
It seems as if the "list of hosts" that is mentioned in RFC 821 is an
outdated thing. Note, also, the "can be used to report errors" (which is
mentioned in both RFC 821 and RFC 2821).
/ Gunnar