cancel
Showing results for 
Search instead for 
Did you mean: 

SPF/SRS when using redirects

Superuser
Superuser
Posts: 9,765
Thanks: 1,150
Fixes: 63
Registered: 06-04-2007

SPF/SRS when using redirects

I set up an SPF record for a domain I have at 123-reg and I've confirmed mail to my Plusnet/Force9 address bounces with 550 SPF Validation Failed if the server is not approved (but gets through if it is).

However if I send the message using an approved server to a Force9 address that redirects elsewhere, the redirect works but the envelope address isn't rewritten. To me that implies Plusnet haven't implemented SRS. Sad

David
8 REPLIES
Superuser
Superuser
Posts: 6,774
Thanks: 854
Fixes: 55
Registered: 30-07-2007

Re: SPF/SRS when using redirects

Very likelyRoll eyes

Superuser
Superuser
Posts: 6,774
Thanks: 854
Fixes: 55
Registered: 30-07-2007

Re: SPF/SRS when using redirects

When you think about it, implementing SRS for the redirected outgoing mail isn't difficult. The REAL problem is that now you are responsible for handling any delivery failure from the destination, extracting the orginal sender from the (rewritten) return-path and passing the failure back to them. If you're not careful then, with a simple redirect/forward, the delivery failure is treated as any other message and redirected...looping foreverGrin

Superuser
Superuser
Posts: 9,765
Thanks: 1,150
Fixes: 63
Registered: 06-04-2007

Re: SPF/SRS when using redirects

Wouldn't the bounce handling procedure of leaving Return-path empty ( <> ) cope with potential looping?

On Plusnet I've confirmed that the SPF check is also done for redirects so if SPF validation fails the message won't be redirected/forwarded. Thus any failure after forwarding shouldn't be SPF related.

David
Community Gaffer
Community Gaffer
Posts: 13,418
Thanks: 1,182
Fixes: 92
Registered: 04-04-2007

Re: SPF/SRS when using redirects

Looks like you're right Undecided

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

Superuser
Superuser
Posts: 6,774
Thanks: 854
Fixes: 55
Registered: 30-07-2007

Re: SPF/SRS when using redirects

Wouldn't the bounce handling procedure of leaving Return-path empty ( <> ) cope with potential looping?

Possibly. I think the main problem is that without implementing SRS then the redirector/forwarder doesn't have to think about failures, they will go back to the original sender. With SRS they may have to do something.

Superuser
Superuser
Posts: 6,774
Thanks: 854
Fixes: 55
Registered: 30-07-2007

Re: SPF/SRS when using redirects


bobpullen wrote:

Looks like you're right Undecided


Oops!, pot, kettle and black come to mindWink

Superuser
Superuser
Posts: 9,765
Thanks: 1,150
Fixes: 63
Registered: 06-04-2007

Re: SPF/SRS when using redirects

As things stand Plusnet will redirect only if SPF validation passes. However if the next hop does an SPF check it will fail unless the envelope from address has been rewritten. Since Plusnet have implemented SPF they should also implement SRS (and handle bounces).

David
Superuser
Superuser
Posts: 6,774
Thanks: 854
Fixes: 55
Registered: 30-07-2007

Re: SPF/SRS when using redirects

Looks like 'can open, worms all over the table!' to meGrin