[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SPF and senderokwithdns
On Tue, Jul 13, 2004 at 03:07:18PM +0400, Eugene Crosser wrote:
> Matti,
>
> with your today's change, senderokwithdns check in pt_mailfrom is the
> very last, and it is not done if the sender is "authorized". Is it what
> was your intention? I think that if one wants to disallow unroutable
> "mail from", he wants to do that for all, authorized and non-authorized
> senders. And therefore the check should be done very early, maybe even
> before "if (state->full_trust) return 0;" around the line 1704.
It is a wee bit complicated thing indeed..
When the matter is about remote SPF publisher, who want to be
protected, then things are as you say, but when it is about
_local_ SPF set, then e.g. users must be able to send out
from where-ever they are, as long as they have authenticated..
How to formulate both ?
> Am I missing something?
>
> Eugene
--
/Matti Aarnio <mea@nic.funet.fi>
-
To unsubscribe from this list: send the line "unsubscribe zmailer" in
the body of a message to majordomo@nic.funet.fi