41 lines
1.8 KiB
Plaintext
41 lines
1.8 KiB
Plaintext
libsrs2 is the next generation SRS library from the original designer
|
|
of SRS.
|
|
|
|
It can be used by Courier IMAP.
|
|
|
|
It implements the Sender Rewriting Scheme, a part of the SPF/SRS
|
|
protocol pair. Libsrs2 has been written from an entirely clean
|
|
codebase with compliance, speed and versatility in mind. It is
|
|
platform independent and has no external dependencies. It is
|
|
thread-safe and heap-safe, and is suitable for large scale
|
|
applications and embedded systems and can operate without many
|
|
standard system facilities.
|
|
|
|
|
|
What is SPF?
|
|
|
|
SPF is one of a family of systems which aim to prevent email address
|
|
forgery. A good SPF implementation is available from
|
|
http://www.libspf2.net/.
|
|
|
|
[From spf.pobox.com]: The present SMTP standard for email allows
|
|
anyone to forge anyone else's email address. This means I could send
|
|
anyone a message claiming to be from you, and only an email expert
|
|
would be able to tell the difference. SPF allows your mail servers to
|
|
easily distinguish forgeries from real mail. Importantly, SPF works
|
|
before the message body is transmitted, saving you the bandwidth cost
|
|
of downloading the message and the CPU cost of filtering it.
|
|
|
|
What is SRS?
|
|
|
|
SPF (and related systems) present a challenge to forwarders, since the
|
|
envelope sender address might be seen by the destination as a forgery
|
|
by the forwarding host. Forwarding services must rewrite the envelope
|
|
sender address, while encapsulating the original sender and preventing
|
|
relay attacks by spammers. The Sender Rewriting Scheme, or SRS,
|
|
provides a standard for this rewriting which makes forwarding
|
|
compatible with these address verification schemes, preserves bounce
|
|
functionality and is not vulnerable to attacks by spammers. A
|
|
graphical explanation is available here or here and a technical
|
|
document describing the protocol and its strengths is at here.
|