On Nov 14, 2008, at 8:02 PM, David Wall wrote:
I suspect that the majority of email sent has three of those four
implemented. If not quite a majority it's _definitely_ a large
fraction.
(Yes, I'm cheating. Nobody other than the very, very gullible
implements SenderID as such, but a valid SPF record is also a valid
SenderID record).
Since spam is said to be 90%, 95%, 99% of all email, but you say
most is sent with sender id. Are you suggesting most spam is sent
with valid sender id? Don't think so.
Having an SPF record is not the same as implementing SPF unless you
block all email that arrives that is not authenticated through SPF.
You are just posting a sign saying you'd like to comply, but don't
actually implement it on the receiving end. And if you block
everything that doesn't have SPF configured, you'll lost much of
your legit email.
Nobody with any experience or knowledge about email would seriously
suggest blocking mail solely due to lack of an SPF record or a
SenderID record or a DK or DKIM signature or an S/MIME signature or an
X-Herring: Red header.
However, most of those data points are widely checked and are used to
make decisions about mail delivery.
Cheers,
Steve
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg