[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-hackers-public] Re: [gnu.org #219521] Thoughs on SPF
From: |
Sylvain Beucler via RT |
Subject: |
[Savannah-hackers-public] Re: [gnu.org #219521] Thoughs on SPF |
Date: |
Tue, 01 Feb 2005 16:01:50 -0500 |
Hi,
Thanks for the clarification.
Also, Savane is already configured to send mail from
address@hidden as the envelop sender.
In this case, we are considering the CVS commit notifications. As far
as I see, the mail forwarder crafted by Paul is not issuing any
HELO/EHLO command.
Is there an Exim option to set the defaut envelop sender in case it
was not specified? Else, we need to make changes to the C mail
forwarder.
--
Sylvain
On Mon, Jan 31, 2005 at 11:33:57AM -0500, James Blair via RT wrote:
> > address@hidden - Thu Jan 13 16:23:09 2005]:
> >
> > Hi,
> >
> > Sorry to send you another mail, we have quite a lot of things to ask
> > you at the moment.
> >
> > A user is complaining that we use, for CVS notifications, a solution
> > that rely on mail forgery, which is incompatible with the SPF, used
> > his ISP that hence discard such mails. Indeed, when I commit to a cvs
> > repository, a mail is sent on my behalf using the mail I set in the
> > Savane system. The user would rather have the system send mail as
> > address@hidden
> >
> > For more information, conversation can be found here:
> > https://savannah.gnu.org/support/index.php?func=detailitem&item_id=103775
> >
> >
> > In a nutshell, I would like to know if you or the FSF in general have
> > any plans regarding SPF and domainkeys support for the gnu.org mail
> > system in general.
> >
>
> First, regarding SPF for gnu.org: we intend to use it. Because we
> primarily are engaged in forwarding mail, we won't really utilize it
> until SRS is implemented for exim, our MTA. This doesn't really
> affect the issue under consderation here except that it would be
> hippocritical of us to use SPF ourselves and yet send out mail
> incompatible with it.
>
> As for savannah notifications, they should probably be sent out in
> another manner. I think breaking SPF should be avoided, and of course
> there is the question of etiquitte in sending mail forged from someone
> else.
>
> I would suggest we avoid address@hidden addresses for mail
> forwarding. I don't think people really need to use savannah as a
> mail forwarding service, and it's not a particularly good use of
> savannah's limited computing resources.
>
> A better idea would be making the system behave more like a mailing
> list. Mailman sends out messages with sender addresses that look like
> address@hidden That way the system can do bounce
> processing and not send out messages to email addresses that generate
> bounces. I think that would be a useful feature for savannah as well
> as a good solution to the problem of sending forged email. This also
> means that savannah will have to process mail though, and don't
> underestimate how much work that will be for the machine. Though with
> this method you can greatly reduce the amount of actual deliveries the
> machine will have to deal with (most mail will be rejected).
>
> The easiest solution all around though would be to send mail from a
> valid address. We have already set up savannah-bounces for that
> purpose. So simply changing the envelope sender to
> "address@hidden" should solve the problem.
>
> Just to be clear, I'm writing about the envelope sender address. If
> an attempt is being made to validate the "From:" header, that is
> entirely a different issue.
>
> http://spf.pobox.com/faq.html#whichfield
>
> -Jim
>
--
Sylvain
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Savannah-hackers-public] Re: [gnu.org #219521] Thoughs on SPF,
Sylvain Beucler via RT <=