Sender Rewrite Scheme added for email forwarding

We would like to announce that we have implemented the Sender Rewrite Scheme, or SRS, on our mail forwarding services.   This is designed to remedy the increasingly prevelant problem with SPF enforcement breaking email forwarding services from any provider,  including ourselves.

The SPF protocol allows domain administrators to specify which mailservers are authorised  to send email from addresses within that domain name, this helps reduce spam in general and the problem of spammers pretending they are sending from domains they have no  connection to.  The problem arises when a domain with SPF records in place sends email to an address which is in turn forwarded to an address which enforces SPF.  The receiving  server looks at the domain in the return_path header from the email and compares the IP of the mailserver it is receiving the email from, which is the forwarding server, with the list of allowed mailservers for that domain.  Naturally the sender does not have any connection to the provider forwarding the mail and the forwarding mailservers IP is not on the list of authorised servers, and the receiving server bounces the email.

SRS rewrites the return_path header to maintain a record of the original sender information  but ending in a domain name controlled by the forwarding provider, in our case, which has an SPF record which includes the forwarding server and so passes the recipient  SPF check, preventing the forwarding mail from bouncing.

For anyone who for any reason does not want their domain’s mail forwarding to make use of SRS we are shortly rolling out the ability to disable this through your domains email settings, for the time being you can send us a request to exempt your domain through the Get Support link at the top left of your account.