While SPF seems to be among the currently used technologies for spam protection, SRS looks rather dead. But forwarding mail breaks SPF without workarounds. So what is the best current practice?

  • Completly ignore the existence of SPF
  • Implement SPF but just implement forwarding "the old way"
  • Inform you users that forwarding breaks SPF and they have to whitelist you mail server
  • Implement SRS (but keep it a secret)

The forwarding part of SRS is rather simple, but I havn't found any clear way to implement the actual handling of bounces. It wouldn't be hard to hack some usage of Mail::SRS onto postfix but there doesn't seem to be an off the shelves solution?