On 19 July 2010 16:56, Graeme Fowler <[email protected]> wrote:
> On Mon, 2010-07-19 at 08:19 -0700, Marc Perkel wrote:
>> Although received headers can be forged, it is unlikely most spammers
>> would do so. Spammers would have to make SPF calls to do the forgery and
>> that would be too expensive bandwidth wise. What I'm thinking is
>> preventing false positives due to email forwarding.
>
> You are Miss De Point and I claim my five pounds :)
>
> Received headers are routinely forged in spam. It costs the spammer
> nothing. It would cost you a lot to test against them.
>
> The *only* Received: header you should trust is that added by your own
> MTA.
>
> It's also worth saying that in SPF terms "false positives due to email
> forwarding" aren't false positives at all, they are messages which do
> not adhere to the published policy. That's the sender's problem, not
> yours (as the "recipient").
>
> If you're going to do this sort of check (which is ignoring the sending
> domain's published policy), why bother doing SPF checks at all?

Actually I can kind-of see the point here... given a trusted forwarder
who doesn't check SPF, and therefore breaks it sometimes, it might be
useful to put yourself in their shoes and do their inbound SPF check
for them after the fact - and assuming you trust the original sender,
you can trust the otherwise-broken forwarding.

Pete

-- 
Peter Bowyer
Email: [email protected]

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
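
Added example, not part of the original thread and not Exim configuration: a Python sketch of picking the address to run the forwarder's inbound SPF check against, trusting only the Received header stamped by your own MTA and, when the connecting host is a trusted forwarder, the single header that forwarder added. The host names, the network, the header layout and the sample message are assumptions made for illustration; the SPF lookup itself is left out.

```python
import ipaddress
import re
from email import message_from_string

# Assumptions for this sketch: our MTA's name and the forwarder we trust.
OUR_MTA = "mx.example.net"
TRUSTED = {"fwd.example.org": ipaddress.ip_network("192.0.2.0/24")}

# Assumed header layout: "from HELO (rdns [ip]) by host ...". Adjust per MTA.
# The IP must sit in the parenthesised part, never in the client-chosen HELO.
HOP_RE = re.compile(
    r"from\s+\S+\s+\([^()\[\]]*\[([0-9A-Fa-f:.]+)\]\)\s+by\s+([\w.-]+)")

def parse_hop(header):
    """Return (client_ip, stamping_host) for one Received header, or None."""
    m = HOP_RE.match(header.strip())
    if not m:
        return None
    try:
        return ipaddress.ip_address(m.group(1)), m.group(2).lower()
    except ValueError:
        return None

def spf_check_ip(raw_message):
    """IP to evaluate SPF against, or None if our own header is missing."""
    headers = message_from_string(raw_message).get_all("Received", [])
    hops = [parse_hop(h) for h in headers]
    # Only the topmost header, stamped by our own MTA, is trusted outright.
    if not hops or hops[0] is None or hops[0][1] != OUR_MTA:
        return None
    client_ip = hops[0][0]
    for name, net in TRUSTED.items():
        # Trust the forwarder's own header only if the forwarder really
        # connected to us; anything below that header is ignored as forgeable.
        if client_ip in net and len(hops) > 1 and hops[1] and hops[1][1] == name:
            return str(hops[1][0])
    return str(client_ip)

# Constructed sample: direct delivery carrying a forged "forwarder" header.
FORGED = (
    "Received: from spam.example (unknown [203.0.113.50])\n"
    "\tby mx.example.net with ESMTP; Mon, 19 Jul 2010 17:00:00 +0100\n"
    "Received: from mail.sender.example (mail.sender.example [198.51.100.7])\n"
    "\tby fwd.example.org with ESMTP; Mon, 19 Jul 2010 16:59:00 +0100\n"
    "From: a@sender.example\n\nbody\n")

if __name__ == "__main__":
    print(spf_check_ip(FORGED))  # the connecting IP, not the forged hop
```

The returned address is the one to test against the envelope sender's SPF record; a None result means no header from your own MTA was found and nothing in the message can be relied on.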
