As I mentioned in my in my post about the Email Auth Summit, Harry
does not know of any "significant" cases where the re-use of SPFv1
I would like to generate a list of all cases where the re-use is an
actual problem. While I'm not concerned if the cases meet MS's
definition of "significant", I am very interested in actual data on
the size of the problem. Where, "size" could be the percentage of
email or the number of domains, or whatever.
Please send in your list.
I've been reluctant to bring this up, because I don't like it.
However, in the long run it's better to deal with things as they are,
not as I'd like them to be, and since you asked ...
I run sendmail's sid-milter. It does both SPF "classic" checks and
Sender-ID checks. By default it uses v=spf1 records only, for both
checks, and I ran it that way for weeks.
It logs the result of each check, so I have thousands of log entries
reporting both checks. 1000 messages for which SPF or Sender-ID
yielded a definitive pass or fail would typically include only about
10-20 for which they disagreed. When they did, the one saying "pass"
was nearly always right.
My mail system rejects most spam before messages reach milter
processing. The results for all mail including spam might be very
While fixing some bugs in sid-milter, I modified it to run the way I
want it to. As I now run it, the PRA check does not use v=spf1
BTW, now more than a third of the mail getting to my milters (i.e, the
mostly-legitimate mail) is from domains with SPF records.
Dick St.Peters, stpeters(_at_)NetHeaven(_dot_)com
Gatekeeper, NetHeaven, Saratoga Springs, NY
Oldest Internet service based in the Adirondack-Albany region