Email forwarding

From Wikipedia, the free encyclopedia

E-mail forwarding consists of the operation of re-sending an e-mail message delivered to one e-mail address on to another e-mail address. Users and administrators of e-mail systems use the same term when speaking of both server-based and client-based forwarding.

E-mail forwarding can also redirect mail going to one address and send it to one or several other addresses. Vice versa, e-mail items going to several different addresses can converge via forwarding to end up in a single address in-box.

Contents

[edit] Server-based forwarding

The domain name (the part appearing to the right of @ in an e-mail address) defines the target server[1] for that class of addresses. That server can deliver a message to a user's mailbox and/or send it forward. ~/.forward files (see below) provide a typical example of the implementation of server-based forwarding.

E-mail administrators sometimes use the term redirection as a synonym for server-based email-forwarding.

[edit] Uses of server-based forwarding

Role-addresses 
info, sales, postmaster, and similar names can appear to the left of @ in e-mail addresses. An organization may forward messages intended for a given role to the personal address of the person(s) functioning in that role or office.
Vanity-addresses 
Most domain name hosting facilities provide mail-facilities to forward mail to another email address such as the user's Internet Service Provider.
Dismissed addresses 
When users change their email addresses, an administrator may set up forwarding from an old address to a current one in order to avoid losing messages.

[edit] Forwarding versus remailing

Plain message-forwarding changes the envelope recipient(s) and leaves the envelope sender field untouched. The "envelope sender" field does not equate to the From header which E-mail client software usually displays: it represents a field used in the early stages of the SMTP protocol, and subsequently saved as the Return-Path header. This field holds the address to which mail-systems must send bounce messages — reporting delivery-failure (or success) — if any.

By contrast, the terms remailing or redistribution can sometimes mean re-sending the message and also rewriting the "envelope sender" field. Electronic mailing lists furnish a typical example. Authors submit messages to a reflector that performs remailing to each list address. That way, bounce messages (which report a failure delivering a message to any list- subscriber) will not reach the author of a message. However, annoying misconfigured vacation autoreplies do reach authors.

Typically, plain message-forwarding does alias-expansion, while remailing serves for mailing-lists.[2]

In the Sender Policy Framework (SPF), the domain-name in the envelope sender remains subject to policy restrictions. Therefore, SPF generally disallows plain message-forwarding. Intra domain redirection complies with SPF as long as the relevant servers share a consistent configuration. Mail servers that practise inter-domain message-forwarding may break SPF even if they don't implement SPF themselves, i.e. they neither apply SPF checks nor publish SPF records.[3] Sender Rewriting Scheme provides for a generic forwarding mechanism compatible with SPF.

[edit] Client-based forwarding

[edit] Automated client-based forwarding

Client forwarding can take place automatically using a non-interactive client such as a mail retrieval agent. Although the retrieval agent uses a client protocol, this forwarding resembles server forwarding in that it keeps the same message-identity. Concerns about the envelope-sender apply.[3]

[edit] Manual client-based forwarding

An end-user can manually forward a message using an E-mail client. Forwarding inline quotes the message below the main text of the new message, and preserves original attachments. Forwarding as attachment prepares a MIME attachment that contains the full original message, including all headers and any attachment. Note that including all the headers discloses much information about the message, such as the servers that transmitted it and any client-tag added on the mailbox.

This kind of forwarding actually constitutes a remailing from the points of view of the envelope-sender and of the recipient(s). The message identity also changes.

[edit] Historical development of e-mail forwarding

RFC 821, Simple Mail Transfer Protocol, by Jonathan B. Postel in 1982, provided for a forward-path for each recipient, in the form of, for example, @USC-ISIE.ARPA, @USC-ISIF.ARPA: Q-Smith@ISI-VAXA.ARPA — an optional list of hosts and a required destination-mailbox. When the list of hosts existed, it served as a source-route, indicating that each host had to relay the mail to the next host on the list. Otherwise, in the case of insufficient destination-information but where the server knew the correct destination, it could take the responsibility to deliver the message by responding as follows:

      S: RCPT TO:<Postel@USC-ISI.ARPA>
      R: 251 User not local; will forward to <Postel@USC-ISIF.ARPA>

The concept at that time envisaged the elements of the forward-path (source route) moving to the return-path (envelope sender) as a message got relayed from one SMTP server to another. Even if the system discouraged the use of source-routing,[4] dynamically building the return-path implied that the "envelope sender" information could not remain in its original form during forwarding. Thus RFC 821 did not originally allow plain message-forwarding.

The introduction of the MX record[5] made source-routing unnecessary. In 1989, RFC 1123 recommended accepting source-routing only for backward-compatibility. At that point, plain message forwarding[3] became the recommended action for alias-expansion. In 2001, RFC 2821 mentioned that "systems may remove the return path and rebuild [it] as needed", taking into consideration that not doing so might inadvertently disclose sensitive information.[6] However, it still encourages plain message-forwarding for alias-expansion.

[edit] ~/.forward files

sendmail, the reference SMTP implementation in the early 1980s, provided for ~/.forward files, which can store the target email-addresses for given users. One can configure some email-program filters to automatically perform forwarding or replying actions immediately after receiving. Forward files can also contain shell scripts, which have become a source of many security problems. Formerly only trusted users could utilize the command-line switch for setting the envelope sender, -f arg; some systems disabled this feature for security reasons.[7]

Email predates the formalization of client-server architectures in the 1990s.[8] Therefore, the distinction between client and server seems necessarily forced. The original distinction contrasted daemons and user-controlled programs which run on the same machine. The sendmail daemon used to run with root privileges so it could impersonate any user whose mail it had to manage. On the other hand, users can access their own individual mail-files and configuration files, including ~/.forward. Client programs may assist in editing the server configuration-files of a given user, thereby causing some confusion as to what role each program plays.

[edit] Virtual users

The term "virtual users" refers to email users who never log on a mail-server system and only access their mailboxes using remote clients. A mail-server program may work for both virtual and regular users, or it may require minor modifications to take advantage of the fact that virtual users frequently share the same system id. The latter circumstance allows the server program to implement some features more easily, as it doesn't have to obey system-access restrictions. The same principles of operations apply. However, virtual users have more difficulty in accessing their configuration files, for good or ill.

[edit] Notes

  1. ^ The primary MX record of the relevant domain usually publishes the name of the mail server. Otherwise the domain name must have an IP address.
  2. ^ See sections 3.10.1 Alias, and 3.10.2 List in RFC 2821.
  3. ^ a b c Consider the following forward path:

    A-> B -> C

    Domain B must not plainly forward a message from domain A to domain C, unless it controls either the policy of A or the filtering of B. Indeed, if A publishes an SPF policy that prevents B from using A's name, and C applies sender's policy-checking, C may refuse the message according to RFC 4408. In other words, one cannot formally distinguish plain message-forwarding from illegal domain-name abuse.
  4. ^ See the note in section 6.2.7 Explicit path specification of RFC 822
  5. ^ MX record has been introduced with RFC 974. See the historical section in MX record#History of fallback to A.
  6. ^ Plain message forwarding may disclose the final destination-address irrespectively of the user's intention. See sections 7.6 Information Disclosure in Message Forwarding, and 4.4 Trace Information in RFC 2821.
  7. ^ Hunt, Craig (2002). TCP/IP Network Administration. O'Reilly, page 606. ISBN 059600334X.  The current (version 8.708 of 2006) sendmail documentation mentions no restrictions in using the -f switch, and uses the verb set rather than override to describe its action on the envelope sender data.
  8. ^ The book dates in client-server-faq range from the early 1990s. Although remote procedure calls originated in the 1970s, they did not become widely used until networks became quite common.

[edit] See also

[edit] External links

Languages