-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tuesday, 2013-05-07 at 21:38 +0200, Per Jessen wrote:
Well, SPF is at least in the mix. The problem is that a mail is sent
from bugzilla, from an IP-address listed in the SPF record
for "novell.com". That's all very good right up until the mail goes to
a "computer.org" or "opensuse.org" alias (for instance) and is
_forwarded_ to the actual recipient address. Forwarding breaks SPF and
a forwarding mail-server would need to use SRS to fix it.
I did a test.
As my ISP refuses to send my email with my opensuse.org alias (since ever,
even using authentication), I use gmail for the task. I tried it just now,
sending from one gmail account to my telefonica account, but using the
opensuse.org from address. It worked - but the reason is this:
+++···························
Return-Path:
Received: from IMPmx6.adm.correo (10.20.102.113) by tems9.backend.correo (8.5.137.03)
id 51102A7C01857381 for robin....@telefonica.net; Fri, 10 May 2013 18:17:42 +0200
Sender: robin.....@gmail.com
From: "Carlos E. R."
···························++-
So, as far as telefonica SPF test is concerned, the email is sent from
"robin.....@gmail.com" via a gmail server, so it is ok.
But I can not really send email with the opensuse.org alias, the non
aliased name is prominent in the headers.
+++···························
cer@Telcontar:~> host -t txt gmail.com
gmail.com descriptive text "v=spf1 redirect=_spf.google.com"
cer@Telcontar:~> host -t txt _spf.google.com
_spf.google.com descriptive text "v=spf1 include:_netblocks.google.com include:_netblocks2.google.com include:_netblocks3.google.com ?all"
cer@Telcontar:~>
···························++-
I was googling on this, and found a link:
http://seocompanyphoenix.com/112-google-spf-hardfails/
What they do is this:
v=spf1 ip4:.... include:_spf.google.com ~all
This is also commented here:
http://productforums.google.com/forum/#!topic/apps/y3-p-BwWWcc
That is, they include google as an authorized sender on their domain (not
google domain). It is as if opensuse.org would add gmail.com as authorized
sender in the opensuse.org dns records - hardly feasible, as each member
uses different sending method, I guess.
- --
Cheers,
Carlos E. R.
(from 12.1 x86_64 "Asparagus" at Telcontar)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (GNU/Linux)
iEYEARECAAYFAlGNJIAACgkQtTMYHG2NR9XGhgCghEg70PNHK/8R4i6uqo2KmzU2
MToAnijZ4o1vs89phY3YqjXn0R35MenS
=d6MB
-----END PGP SIGNATURE-----