Tony Finch <dot@xxxxxxxx> wrote:
I cannot work around this problem: I have no reasonable way of knowing that this forwarding relationship exists, or if I do know about it I have no reasonable way of maintaining a list of example.edu's outgoing email servers in order to whitelist them.
And I don't see why (in the idealogical sense) this would be your problem. If other sites are forwarding your users messages, then that's a matter between them and the users. You shouldn't have to be involved.
Practically, the practice is common, and people resist mightily changing their habits.
When the sender sends a message to the receiver, the edge of the receiverīs system in this case would be the forwarder. It is the responsibility of the receiver to make sure that the steps taken after the forwarder accepts the mail from the senderīs system are correct. Therefore in this specific case, the forwarder would have to do Sender-ID checks in order to protect its users. Therefore, you donīt have to do anything - itīs the end users that do. In a similar fashion when a mailing list is involved, it is the responsibility of the list to do the Sender-ID checks at the edge when it accepts the mail from its users, and the end users will do their own checks against the list itself.