Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. SPF>
  3. SRS
[OT] static routes and SPF (was: Re: A problem with SRS)
daniel at roe
Mar 1, 2004, 11:37 AM
Post #1 of 2 (2142 views)
Permalink
mw-list-srs-discuss@csi.hu <mw-list-srs-discuss@csi.hu> [2004-03-01/12:07]:
> > I believe there is something like an include: feature in SPF, which
> > would effectively solve this administrative problem.
>
> Could you remind me how the spf records would change if we start with
>
> orig -> relay_1 -> dest
>
> then the route changes to
>
> orig -> relay_1 -> relay_2 -> dest
>
> then to
>
> orig -> relay_1 -> relay_2 -> relay_3 -> dest

You must specify which of these are static mail routes, which are
individual user forwards, and which are "normal", by-MX delivery.

Assuming that all but the last hop are static mail routes, it is easy.
Whenever you set your mailserver to statically forward to another host,
you also change your SPF record accordingly. Orig would put an include
to relay_1 in its SPF records. relay_1 would then later include relay_2,
and relay_2 would include relay_3. This is assuming that all the relays
are separate entities; if all relays are controlled by the same entity,
there might be simpler SPF setups. Generally, there's more than one way
to do it.

This would now rather belong to spf-help, so if you have any further
questions on the way SPF would be implemented, please follow up there
instead of here. EOT.

Cheers,
Dan

--
Daniel Roethlisberger <daniel@roe.ch>
GnuPG key ID 0x804A06B1 (DSA/ElGamal)

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=srs-discuss@v2.listbox.com
Re: Re: A problem with SRS [ In reply to ]
mw-list-srs-discuss at csi
Mar 2, 2004, 7:39 AM
Post #2 of 2 (2059 views)
Permalink
On Mon, Mar 01, 2004 at 07:37:06PM +0100, Daniel Roethlisberger wrote:
> mw-list-srs-discuss@csi.hu <mw-list-srs-discuss@csi.hu> [2004-03-01/12:07]:
> > > I believe there is something like an include: feature in SPF, which
> > > would effectively solve this administrative problem.
> >
> > Could you remind me how the spf records would change if we start with
> >
> > orig -> relay_1 -> dest
> >
> > then the route changes to
> >
> > orig -> relay_1 -> relay_2 -> dest
> >
> > then to
> >
> > orig -> relay_1 -> relay_2 -> relay_3 -> dest
>
> You must specify which of these are static mail routes, which are
> individual user forwards, and which are "normal", by-MX delivery.
>
> Assuming that all but the last hop are static mail routes, it is easy.
> Whenever you set your mailserver to statically forward to another host,
> you also change your SPF record accordingly. Orig would put an include
> to relay_1 in its SPF records. relay_1 would then later include relay_2,
> and relay_2 would include relay_3. This is assuming that all the relays
> are separate entities; if all relays are controlled by the same entity,
> there might be simpler SPF setups. Generally, there's more than one way
> to do it.

So just because relay_1, say, wants to relay messages from orig (but
not necessarily from orig_1) through relay_2, it needs to put

include:relay_2

Could not this imply that any IP permitted (by the SPF record on
relay_2) to send mail from the relay_2 domain can now send mail with
relay_1 as envelope sender domain?

>
> This would now rather belong to spf-help, so if you have any further
> questions on the way SPF would be implemented, please follow up there
> instead of here. EOT.

Is it OK if this stays here until I figure out when I need SRS exactly?

Mate

--
---
Mate Wierdl | Dept. of Math. Sciences | University of Memphis
Please avoid sending me Word or PowerPoint attachments.
See http://www.fsf.org/philosophy/no-word-attachments.html

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=srs-discuss@v2.listbox.com

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal