• Andrew C Aitchison via Exim-dev [2024-12-16 20:54]:
[...]
But if you _did_ use SRS, would you expect cutthrough to use the
rewritten envelope sender?
I guess it depends on the use case.
SRS is mostly relevant for doing forwarding so some external sites, such
as to gmail in my case, and gmail in particular requires valid SPF or
DKIM for all senders (for bulk senders, I think, they require SPF, DKIM
and DMARC).
Hmm. IIUC cutthrough is intended for use between organisationally
closely connected machines, such as from secondary to primary MX
or firewall host to mail server.
I didn't catch that cutthrough is intended to be used only by
organisationally closely connected machines, e.g. front MX doing
cutthrough to some backend make sense, of course.
If your email domain is not hosted by gmail I don't see why you would
want a cutthrough connection to them.
Because I have some users who forward there, and I'd like to rejects if
gmail rejects.
The idea of having a close organisational email connection with gmail
is stretching my imagination ... I would not have thought of
having a cutthrough connection to gmail.
Well, I didn't catch the requirements of such organisational connection.
Is it really so?
-----
(I'm also somewhat allergic to SRS, since I cannot prove to myself that
it doesn't produce a, restricted, open relay. I failed to read https://
srs-discuss.v2.listbox.narkive.com/H5TyyIKg/the-open-relay-problem-is-
not-a-problem
when it first appeared :-(
This is interesting. I don't use SRS, but I do set return_path, and I
have ACLs with HMAC and secrets and timestamps and whatnot to ensure
that it's not an open relay.
--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-dev.lists.exim.org/
## unsubscribe (doesn't require an account):
## [email protected]
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
