Welcome

libsrs2 is the next generation SRS library from the original designer of SRS. It implements the Sender Rewriting Scheme, a part of the SPF/SRS protocol pair. Libsrs2 has been written from an entirely clean codebase with compliance, speed and versatility in mind. It is platform independent and has no external dependencies. It is thread-safe and heap-safe, and is suitable for large scale applications and embedded systems and can operate without many standard system facilities.

• I want to find out about SRS. (technical paper)
• I want to configure my MTA for SRS. (MTA users' guide)
• I want to patch an MTA for SRS. (MTA patchers' guide)
• I want to download libsrs2. (download page)
• I want to read documentation for libsrs2. (documentation page)
• I want support for SRS or libsrs2. (support page)
• I found a bug! (support page)

What is SPF?

SPF is one of a family of systems which aim to prevent email address forgery. A good SPF implementation is available from http://www.libspf2.net/.

[From spf.pobox.com]: The present SMTP standard for email allows anyone to forge anyone else's email address. This means I could send anyone a message claiming to be from you, and only an email expert would be able to tell the difference. SPF allows your mail servers to easily distinguish forgeries from real mail. Importantly, SPF works before the message body is transmitted, saving you the bandwidth cost of downloading the message and the CPU cost of filtering it.

What is SRS?

SPF (and related systems) present a challenge to forwarders, since the envelope sender address might be seen by the destination as a forgery by the forwarding host. Forwarding services must rewrite the envelope sender address, while encapsulating the original sender and preventing relay attacks by spammers. The Sender Rewriting Scheme, or SRS, provides a standard for this rewriting which makes forwarding compatible with these address verification schemes, preserves bounce functionality and is not vulnerable to attacks by spammers. A graphical explanation is available here or here and a technical document describing the protocol and its strengths is at here.

Why SRS?

It works with all address verification schemes..

SRS is an exceptionally clean and simple design which brings compatibility not just with SPF, but with many other ad-hoc address verification schemes, some of which are used by major ISPs.

It is well defined and secure.

The paper on SRS describes in detail how the protocol works and why it is invulnerable to attack.

SRS does not require changes to protocol or semantics.

SRS exists as a rewriting system entirely within current SMTP practices. Many alternative systems require changes to either SMTP syntax, semantics or both. SRS requires neither.

It has minimal impact.

While anyone can implement SRS, only forwarders need to implement SRS. No modifications are required by any other party to MSAs, MTAs, MUAs or other software.

How to Contribute

Contact the developers. Can you (for example)

• Write or maintain patches against MTAs?
  • courier
  • zmailer
  • qmail
• Take responsibility for a distribution?
  • Red Hat and Mandrake (Packager needed)
  • Slackware
  • Debian (Maintainer needed)
  • FreeBSD ports (Submitter needed)
  • OS/X fink
• Write bindings for a language?
  • Python