[Date Prev][Date Next][Thread Prev] [Thread Next][Date Index] [Thread Index]

Re: more Anti-spam countermeasures

  • From: Gunnar Hjalmarsson  
  • Date: Wed, 17 Nov 2004 00:33:26 +0100
Jeff Donsbach wrote:
I don't think any of this affects ringmasters right now,

Not sure what you mean by that, Jeff. I don't know enough about DomainKeys, but if you send from a domain which publishes an SPF or SenderID record that defaults to "fail", you do need to be observant of how the info is used by receiving mail servers.

If you run a webring, it's reasonably desirable that the notifications to the ring members are designed so that

1) your mail client sends to the ringmaster if you simply click "Reply", and

2) possible bounces go to the ringmaster.

That's how Ringlink currently does it, at least if you have selected the "SMTP option" in rlconfig.pm. But for just that reason, if you register an SPF/SenderID protected address as the ringmaster address without publishing the SMTP server used by that Ringlink system as an allowed sending server, some notifications may indeed be bounced. This problem is a reality for many similar scripts that send messages on your behalf.

As regards SPF, there seems to be a convenient solution that works without including the SMTP server of scripts such as Ringlink in the SPF record: You can have the server rewrite the MAIL FROM addresses of all outgoing messages according to SRS (http://spf.pobox.com/srs.html). I'm currently testing the SRS implementation described at http://srs-socketmap.info/sendmailsrs.htm, and I believe that I with that prevent the above problem with respect to SPF checks for all mail sending scripts at the gunnar.cc server.

/ Gunnar

Follow-Ups from:
Jeff Donsbach
References to:
Jeff Donsbach
[Date Prev][Date Next][Thread Prev] [Thread Next][Date Index] [Thread Index]