jmp at safe
Oct 22, 2004, 4:34 PM
Post #3 of 9
Bonjour Matthew.van.Eerde [at] hbinc,
> There's plenty of spam software out there that works on a point system (SpamAssassin, for example.) A + result would be worth some "non-spam" points. A - result would be worth many "spam" points, or even outright rejection. A ? result would be neutral - no points either way.
> So publishing an SPF record with + records and an eventual ... ?all allows you to give the benefit of authority to your + records, without penalizing your users who are using (say) a "send this page to a friend" tool that forges the From field.
~all, "soft fail" could/should be used for that.
In term of deployment I disagree, If 'we' are too lazy
giving the "?all" to all SPF definition, SPF can't be
used in an effective way.
We are 'crunching' around 15000 Email/hours here, 95% is
pure scrap, not worth the trouble to even receive them,
SPF is a good way to say "yes this mail is really
coming from them, lets check it more deeply"
One of my customer, told me, "When SPF will be really
deployed, we'll configure our sendmail not receive
any E-mail but the one with a good SPF"...
"?all", (inserted by sysadmin laziness?), means we can't
use the SPF tools to its full potential (IE: Yes, there is an SPF
record, but please if remote IP is not in the list, lets
forgot about SPF). IMHO it is too bad...
(Is the E-mail coming from that domain Yes or Not, I still
- if IP is within OSBL database -> official SPAM
(can be tagged as such).
- -> outright rejection
- if IP is within OSBL database -> outright rejection
Problem OSBL database are not that reliable and very
heavy to maintain, so why not try to deploy a clean "SPF"?
Jean-Marc Pigeon Internet: Jean-Marc.Pigeon [at] safe
SAFE Inc. Phone: (514) 493-4280 Fax: (514) 493-1946
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-deployment [at] v2