* dot@dotat.at (Tony Finch) [Wed 29 Jun 2005, 15:28 CEST]:
Tony Finch <dot@dotat.at> wrote: [...]
Actually, what you have to guarantee is that you never send email to anyone who forwards their email elsewhere. This is impossible. How do you figure that?
The failure mode in this case is if somebody arranges "dumb" mail forwarding that doesn't do envelope rewriting, and also applies a SPF filter on their incoming mail. The problem is quite clearly of the recipient's making rather than any fault of the sender's. Most forwarding services do nothing but change the envelope recipient address, and this has been standard practice for many many years. Sites
On Wed, 29 Jun 2005, Peter Corlett wrote: that do SPF checking on incoming email must take this into account if their users forward email from elsewhere. However most sites do not do so, partly because the SPF documentation doesn't make it clear that they must, and partly because it's basically impossible - for every user that forwards email to your site you must whitelist the IP addresses of the forwarding mail servers, and you can't find out what those IP addresses are or when they change.
How do I configure my router for that? -- Niels. -- The idle mind is the devil's playground