Skip site navigation (1) Skip section navigation (2)

Re: Publish SPF records for

From: Jonathan Gardner <jgardner(at)jonathangardner(dot)net>
To: Bruno Wolff III <bruno(at)wolff(dot)to>
Cc: pgsql-advocacy(at)postgresql(dot)org
Subject: Re: Publish SPF records for
Date: 2004-03-02 21:31:35
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-advocacy
On Tuesday 02 March 2004 12:58 pm, Bruno Wolff III wrote:
> On Tue, Mar 02, 2004 at 10:40:33 -0800,
>   Jonathan Gardner <jgardner(at)jonathangardner(dot)net> wrote:
> > Notice that SPF only checks the envelope MAIL FROM line, or as some
> > people call it the SMTP from, not the header from. Modern mailing lists
> > (like the one postgresql uses) rewrites that as it is now, so
> > forwarding will not break with SPF. (Notice that it is comparing the IP
> > address of the server I got mail from with the domain "".
> > Since there are no SPF records for, it can't check yet.)
> The case I am talking about is for a person that gets email from a
> postgres mailing list at server A and forwards it to server B. If server
> B checks SPF records it will reject this message because it is not coming
> from a server authorized to use as an envelope sender
> domain. This is something that probably won't affect many people, but it
> would still be nice to give people a heads up before turning it on. That
> way they can adjust things so the mail gets through. (By such methods as
> using SRS on server A or changing their subscription address to server
> B.)

You are correct. However, this only affects the user if the have enabled SPF 
on server A and if they haven't enabled SRS on server B. If they are going 
to enable SPF on server A, then they should understand the ramifications of 
doing so. Every domain that publishes SPF will break their configuration, 
not just

I think if you compare the cost to benefit of publishing or not publishing 
SPF records, it is apparent that publishing SPF records is the wise thing 
to do. We would only be declaring to the world that email coming from 
certain server is totally valid, while other servers are unknown (?all), 
probably not valid (~all) or not valid at all (!all). What the recipients 
of email do with this information is their responsibility. If they want to 
make it so that SPF-enabled email doesn't go through, that's their 
business. If they want to be silly and implement SPF in a way that will 
break forwarding, that's their call.

Jonathan Gardner

In response to


pgsql-advocacy by date

Next:From: Bruno Wolff IIIDate: 2004-03-03 03:42:28
Subject: Re: Publish SPF records for
Previous:From: Bruno Wolff IIIDate: 2004-03-02 20:58:34
Subject: Re: Publish SPF records for

Privacy Policy | About PostgreSQL
Copyright © 1996-2018 The PostgreSQL Global Development Group