Sender Rewriting Scheme

The Sender Rewriting Scheme ( SRS short ) is a method to the sender (more precisely, the envelope sender ) an e -mail to rewrite so that Sender Policy Framework (SPF ) also works with mail forwarding.

In a mail redirection not only the sender information in the header are left unchanged, but also provided for in the SMTP protocol envelope sender, which is checked with SPF. In such a case, the forwarding mail server may not be authorized within the meaning of SPF to send the mail.

If as a solution, however, the envelope sender simply rewritten, it can happen that error messages no longer arrive.

Example: [email protected] writes to [email protected]; [email protected] is forwarded to [email protected]. The mail server of d2.example is not authorized to send mail from d1.example, so the mail from the perspective of d3.example invalid. If the mail server take the address of d2.example [email protected] as the sender, could d3.example the original sender [email protected] not know if a failure in the delivery would take place, because d3.example would the error message to b @ d2.example would send what passed again and fail again.

SRS solves the problem in that the original sender will be coded in the new sender, in the example above, for example, d2.example in the form of a # d1.example -b @.

However, since this leads that you could smuggle messages with fake sender via SRS, an additional cryptographic hash is provided in the SRS address that secures the address. A complete SRS address has the form

SRS0 = HHH = TT = hostname = local-part @ domain where HHH for the hash and TT stands for a time stamp.

From the perspective of a mail sender SRS is an unsatisfactory solution, since it can still be determined with SPF which servers are allowed to send with your own sender address, but he has to rely on that all the forwarding mail server SRS implement to ensure that the mail is delivered safely, what outside his exertion of influence.