[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of Stuart
Sent: Thursday, January 13, 2005 1:51 PM
Subject: Re: [spf-discuss] Zonecuts specified in SPF draft
And finally, I'll restate a third way. SPF stops MAIL FROM domain forgery.
It does NOT stop spam. It does NOT stop rfc2822 forgery. But the
SPF result is a useful input for your spam strategy. Hence, there
MAY be a difference between a NEUTRAL result, and no SPF record for
purposes other than detecting forgery.
Yes, but in that case it is essential to make a distinction between a
NEUTRAL result because it fell off the end of a record ?all and a NEUTRAL
result because it matched a mechanism that resulted in a NEUTRAL score (e.g.
?mx for a mail server that does not prevent cross-customer forgery). They
mean different things:
?all: It's outside the bounds of the permitted set, but I'm not sure I've
covered everything so don't reject it.
?mx (or any mechanism): It's inside the bounds of the permitted set, but
the MTA in question is configured such that senders not authorized by the
domain owner may have sent the message.
http://bugzilla.spamassassin.org/show_bug.cgi?id=3616#c4 may be of interest.