On 13.04.08 15:45, Moritz Borgmann wrote:

> somebody@X.com [smtp.X.com] -> me@B.com [mx.B.com] -> me@A.com [mx.A.com]


> mx.B.com is in trusted_networks, all machines at A.com are in
> internal_networks. always_trust_envelope_sender is enabled since the trusted
> relays do not rewrite envelope from.
>
> Now, this setup entails the well-known problem that if X.com publishes an
> SPF record, SpamAssassin (3.2.4) spanks the message with SPF_FAIL since it
> checks the first *external* relay (mx.B.com), not the first untrusted relay
> against X.com's SPF policy.


> Now, I see the following possibilities to solve/work around the problem.
> First, the ones not viable (I believe that this situation is fairly common):
>
> 1) Don't forward - not an option.
>
> 2) Lobby B.com to implement SRS - hopeless.


you rejected all the correct solutions... so you only can work around, not
fix the problem...

--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
LSD will make your ECS screen display 16.7 million colors