Re: Publish SPF records for postgresql.org?
| От | Jonathan Gardner |
|---|---|
| Тема | Re: Publish SPF records for postgresql.org? |
| Дата | |
| Msg-id | 200403021331.35398.jgardner@jonathangardner.net обсуждение исходный текст |
| Ответ на | Re: Publish SPF records for postgresql.org? (Bruno Wolff III <bruno@wolff.to>) |
| Ответы |
Re: Publish SPF records for postgresql.org?
|
| Список | pgsql-advocacy |
On Tuesday 02 March 2004 12:58 pm, Bruno Wolff III wrote: > On Tue, Mar 02, 2004 at 10:40:33 -0800, > > Jonathan Gardner <jgardner@jonathangardner.net> wrote: > > Notice that SPF only checks the envelope MAIL FROM line, or as some > > people call it the SMTP from, not the header from. Modern mailing lists > > (like the one postgresql uses) rewrites that as it is now, so > > forwarding will not break with SPF. (Notice that it is comparing the IP > > address of the server I got mail from with the domain "postgresql.org". > > Since there are no SPF records for postgresql.org, it can't check yet.) > > The case I am talking about is for a person that gets email from a > postgres mailing list at server A and forwards it to server B. If server > B checks SPF records it will reject this message because it is not coming > from a server authorized to use postgresql.org as an envelope sender > domain. This is something that probably won't affect many people, but it > would still be nice to give people a heads up before turning it on. That > way they can adjust things so the mail gets through. (By such methods as > using SRS on server A or changing their subscription address to server > B.) You are correct. However, this only affects the user if the have enabled SPF on server A and if they haven't enabled SRS on server B. If they are going to enable SPF on server A, then they should understand the ramifications of doing so. Every domain that publishes SPF will break their configuration, not just postgresql.org. I think if you compare the cost to benefit of publishing or not publishing SPF records, it is apparent that publishing SPF records is the wise thing to do. We would only be declaring to the world that email coming from certain server is totally valid, while other servers are unknown (?all), probably not valid (~all) or not valid at all (!all). What the recipients of email do with this information is their responsibility. If they want to make it so that SPF-enabled email doesn't go through, that's their business. If they want to be silly and implement SPF in a way that will break forwarding, that's their call. -- Jonathan Gardner jgardner@jonathangardner.net
В списке pgsql-advocacy по дате отправления: