The Boston Diaries

The ongoing saga of a programmer who doesn't live in Boston, nor does he even like Boston, but yet named his weblog/journal “The Boston Diaries.”

Go figure.

Tuesday, March 21, 2006

Unintended consequences

While in the process of solving a secure certificate issue with one of our customers I ended up having to debug an email issue for the same customer before continuing with the resolution of the primary issue (just have to love those “one-step forward, two-steps backwards and a sidestep” issues).

Anyway, the email issue involves SPF and it's a situation that frankly, never crossed my mind. has an SPF record that basically states: “only hosts listed as MX hosts for and IP addresses XXX.XXX.XXX.XXX through XXX.XXX.XXX.XXX are allowed to send mail from and no others.” No problem there, until email is forwareded!

I sent a test message from to root@XXXXXXXXXXXX, which is then forwarded to an account (that all root@<the various servers at The Company> get forwarded to) that ultimately ends up in my work mailbox. Now, all email for The Company goes through a spam firewall, which, among other things, checks for SPF. So, the mail message I sent went sean@conman.orgroot@[customer]rootmail@[The Company root catch-all account], but when it hit the spam firewall at rootmail@[The Company root catch-all account] the mail was still from, but it was coming from the customer's server, which isn't listed in my SPF record (see above), so it was blocked from being delivered.


Draconian SPF records break in the face of email forwarding. Email forwarding is a standard feature of email. SPF is pretty pointless without draconian records (well, non-draconian records means one can mark an email as suspicious but without support for such tagging why even bother?).

So why bother using SPF then?


Two Pictures from The Corporate Offices of The Company

[The Walkway outside The Corporate Offices]

I'm still having fun with the camera phone and its ability to take panoramic pictures (wow! What a neat feature!). Anyway, the shot above is of the walkway just outside The Corporate Offices of The Company, where you can bask in the expanse that is … The Company.

[The Office I share—that's my computer on the right]

This shot is of The Office I share with P. That's P on the left (he's been feeling a bit pixelated all week) in front of his computer, and that's my computer on the right. The text you see is the screen saver, displaying some code I've written.

A long night in the office

For both my friends from college (especially those that were at the New Year's Eve 1992/New Year's Day 1993 party) and for the Sunday Gamers crashing Gregory's office every few months between 2000 and 2002 (or there abouts) is a long night in the office (via Amanda Robbins).

Obligatory Picture

[It's the most wonderful time of the year!]

Obligatory Contact Info

Obligatory Feeds

Obligatory Links

Obligatory Miscellaneous

You have my permission to link freely to any entry here. Go ahead, I won't bite. I promise.

The dates are the permanent links to that day's entries (or entry, if there is only one entry). The titles are the permanent links to that entry only. The format for the links are simple: Start with the base link for this site:, then add the date you are interested in, say 2000/08/01, so that would make the final URL:

You can also specify the entire month by leaving off the day portion. You can even select an arbitrary portion of time.

You may also note subtle shading of the links and that's intentional: the “closer” the link is (relative to the page) the “brighter” it appears. It's an experiment in using color shading to denote the distance a link is from here. If you don't notice it, don't worry; it's not all that important.

It is assumed that every brand name, slogan, corporate name, symbol, design element, et cetera mentioned in these pages is a protected and/or trademarked entity, the sole property of its owner(s), and acknowledgement of this status is implied.

Copyright © 1999-2021 by Sean Conner. All Rights Reserved.