j.steigenberger at admins
Mar 26, 2006, 6:09 PM
Post #1 of 70
This is to all Persons thinking SRS is usable.
I will show you with empirical logic that SRS really sucks.
1. SRS makes a good thing as SPF really useless.
We at UCEPROTECT-Network noticed an increasing of Spam and Phishingmails
claiming to be legal forwardet mail (with SRS) within the last days.
Worst on all, these faked Mails were delivered by well known providers.
Investigating this, we found, that those providers do not even check for
and are accepting such crap, but then they are forwarding it with SRS !!!
They just do an SRS on all forwardet mail, only to have the mails out of
their queue :-(
No matter if an SPF-Record is set for the claimed sender domain or not ...
This actually begins to become wideley used practice.
Those providers should better check on mails to be forwardet, if the domain
SPF-Record set, and if an SPF-Record persist, if it allows the provider to
send (forward) the mail.
If they found not to be autorized for doing so they could simply reject the
instead of accepting and forwarding them.
Why should an Domain owner set SPF-records for his Domain, if any idiot out
can (thanks to SRS) still fake to be a legal sender?
Do you really think you can trust anyone out there?
This means SPF is on the way to get useless (thanks to SRS).
2. SRS is absolute unnecessary.
As a Domain owner i can choose, whatever i put into my SPF-Records.
So if i have a need, that my Mails may be forwardet by any Provider or i
a need that mails claiming to be from me can be sent by Ebay or Paypal,
it should not be a Problem to set an apropiate SPF-Record, which allows
forwarding by selected hosts or Domains.
I need no SRS for this if i really want my mail to get forwardet.
I only have to use my brian while setting my SPF-record
But if i choose that my mail should not be allowed to be forwardet, it is
my restriction ...
SPF stands for SENDER POLICY FRAMEWORK
So the real question must be:
Who do you think you are, that you can break a SENDER POLICY?
If i would be too stupid to set my SPF-Records in a way that they match my
it should logically be my problem not yours ....
This indicates SRS was made because of lamers out there not able to set
SPF-Records matching their needs :-)
Why do you risk, that SPF will go down, only to have some lamers not able to
set apropiate SPF-Records get their mail deliverd with a nonsense called
People which do not want restrictions on their mail could easily choose not
SPF-Records, or ever maching SPF-Records.
3. What is my personal suggestion?
Implementing SPF in software is cool (we also did it), but it really
sucks if you also implement SRS (we will never do it - not in this life !!!)
Furthermore we implemented in our default ruleset to block every mail which
identified to have an SRS envelope from.
We consider anyone, who thinks he can ignore the domain owners restriction
I recommend to stop SRS, before more people and providers beginn fooling
with this nonsense.
IMO it is ony a question of time up till SRS will be widely abused ...
In some month you will probably find about 90% of all SRS Mails to be Spam /
Phishing / Viruses....
What will you do then?
Starting another foolish project to fix problems which you would not have
with SPF alone,
but you have them thanks to SRS?
Sorry for beeing very ironic, but i really hate, if people doing things that
are not consequent.
Telling people SPF breaks mailforwarding is only half the truth.
The complete truth is: SPF breaks unauthorized mailforwarding.
Thats the consequence of the policy, you can also call it a feature.
And finally: SRS breaks SPF.
Thats not a feature - it is inconsequence and therfore it should not exist.
Blacklistmaster at UCEPROTECT-Network
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=srs-discuss [at] v2