Hey All,
Just wondering if changing the "From" field when sending email (programatically) is considered a "bad" thing, and will mail servers more likely reject emails sent from my web/mail server because of it (or be marked as spam).
I have a facility where users from my website send emails using a web-interface, so the web/mail server must send the email and change the From field to pretend it's from the user's email.
The RFC doesn't really state much: http://www.faqs.org/rfcs/rfc2822.html
Cheers, SM
edit: here are the headers in gmail when I send an email using my web-interface:
Received-SPF: fail (google.com: domain of [email protected] does not designate xxx as permitted sender) client-ip=xxx; Authentication-Results: mx.google.com; spf=hardfail (google.com: domain of [email protected] does not designate xxx as permitted sender) [email protected] Received: from localhost (webserver.name [yyy]) by sending.domain (Postfix) with ESMTP id 903201474F for ; Fri, 27 Nov 2009 09:10:29 +1100 (EST)
edit2: spf = fail seems bad, but gmail does nothing about it:
http://www.openspf.org/SPF%5FReceived%5FHeader
When an SPF query returns "fail", the MTA should reject the connection.
When an SPF query returns any other result, the MTA should add an advisory header to the message of the form "Received-SPF: neutral" or "Received-SPF: pass". That way, a spam filter further down the road can take that header into account as part of a more balanced decision.