Sender rewriting scheme

from Wikipedia, the free encyclopedia

The Sender Rewriting Scheme (SRS for short) is a method of rewriting the sender (more precisely, the envelope sender) of an e-mail so that the Sender Policy Framework (SPF) also works with mail redirection.

When mail is redirected, not only is the sender data in the header left unchanged, but so is the envelope sender given in SMTP, which is what SPF checks. In such a case, the forwarding mail server may not be authorized to send the mail in the sense of SPF.

However, if the solution is simply to rewrite the envelope sender, it can happen that error messages no longer arrive.

Example: a@d1.example writes to b@d2.example; b@d2.example is forwarded to c@d3.example. The mail server of d2.example is not authorized to send mail from d1.example, so the mail is invalid from the point of view of d3.example. If the d2.example mail server were to use the address b@d2.example as the sender, d3.example would not be able to inform the original sender a@d1.example if an error occurred during delivery, because d3.example would send the error message to b@d2.example, which would be forwarded again and fail again.

SRS solves the problem by encoding the original sender in the new sender, e.g. in the form a#d1.example-b@d2.example.

However, since this means that mail with a falsified sender could be smuggled in via SRS, an additional cryptographic hash is provided in the SRS address to secure the address. A complete SRS address has the form

SRS0=HHH=TT=hostname=local-part@domain

where HHH stands for the hash and TT for a time stamp.
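The following Python example is an addition to this article, not part of the original text. It builds an address in the form shown above for the a@d1.example case and checks it again when a bounce arrives. The article does not specify how HHH and TT are computed, so the choices here are assumptions: an HMAC-SHA1 truncated to four base64 characters, a two-character base32 day counter, a 21-day validity window, and a constructed secret key.

```python
import base64, hashlib, hmac, time

# Assumed parameters (not given in the article); the secret is constructed.
SECRET = b"constructed-demo-secret"
B32 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"
HASH_LEN = 4        # base64 characters kept from the HMAC
MAX_AGE_DAYS = 21   # how long a rewritten address stays valid

def _today(now):
    return int(now // 86400) % 1024          # day counter, wraps every 1024 days

def _hash(tt, host, local):
    # Fields are joined with "=" so the host/local boundary cannot be shifted,
    # and case-folded so a relay that lowercases the address does not change the input.
    msg = "=".join((tt, host, local)).lower().encode()
    mac = hmac.new(SECRET, msg, hashlib.sha1).digest()
    return base64.b64encode(mac).decode()[:HASH_LEN]

def srs_forward(sender, forwarder_domain, now=None):
    """Rewrite the envelope sender before the forwarder relays the mail."""
    day = _today(time.time() if now is None else now)
    local, host = sender.rsplit("@", 1)
    tt = B32[day >> 5] + B32[day & 31]
    return f"SRS0={_hash(tt, host, local)}={tt}={host}={local}@{forwarder_domain}"

def srs_reverse(address, now=None):
    """Validate a bounce recipient and recover the original sender."""
    local_part = address.rsplit("@", 1)[0]
    if not local_part.upper().startswith("SRS0="):
        raise ValueError("not an SRS0 address")
    fields = local_part[5:].split("=", 3)    # local-part may itself contain "="
    if len(fields) != 4:
        raise ValueError("malformed SRS0 address")
    hhh, tt, host, local = fields
    # Constant-time comparison; a forged or altered address fails here.
    if not hmac.compare_digest(hhh.encode(), _hash(tt, host, local).encode()):
        raise ValueError("hash mismatch")
    tt = tt.upper()
    if len(tt) != 2 or tt[0] not in B32 or tt[1] not in B32:
        raise ValueError("bad timestamp")
    day = (B32.index(tt[0]) << 5) | B32.index(tt[1])
    age = (_today(time.time() if now is None else now) - day) % 1024
    if age > MAX_AGE_DAYS:
        raise ValueError("address expired")
    return f"{local}@{host}"
```

The forwarder only accepts bounces for addresses that `srs_reverse` validates, so it cannot be used to relay mail to arbitrary senders, and the timestamp limits how long a leaked rewritten address remains usable.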

From the point of view of a mail sender, SRS is an unsatisfactory solution: although the sender can use SPF to determine which servers are allowed to send with their own sender address, they depend on every forwarding mail server implementing SRS for the mail to be delivered reliably anywhere outside their own area of influence.
