--On 16 August 2009 14:14:00 -0400 Bill Cole <asrg3(_at_)billmail(_dot_)scconsult(_dot_)com>
wrote:
>> 3. If the IP that contacted is legitimate (can be verified by say SPF?),
>> it contacts the sender and provides the message ID with other details.
>
> The *most* that SPF can provide towards showing "legitimacy" is to
> confirm that the envelope sender address of a message is not forged. It
> is very rare for large senders of any sort to deploy records that can do
> that strongly. There is nothing about SPF that directly attacks spamming.
> It could in theory be used to attack sender forgery, but the collateral
> damage has proven to be too great for either sending or receiving systems
> to actually apply it strongly to that end. Meanwhile, a lot of spammers
> are sending a lot of spam with senders that are validated to the degree
> that SPF can validate anything.

SPF deployment has grown rapidly from 5% of 2,000,000 sampled domains to
17% over the past three years, apparently including most USA banks. About
half of SPF publishing domains, including some large senders like facebook,
use "-all" records. Apart from anything else "-all" on its own is a good
way of saying "this isn't an email domain", and it's probably a good idea
to publish it for every A record that doesn't point to a mail server.
Furthermore, some large recipients like gmail use these records to help
assign reputation to senders. Forwarded email is likely already suffering
from deliverability problems when the sender address is not rewritten (at
least in cases like forwarding facebook mail to gmail, for example), and
these problems will continue to get worse, not better, as SPF deployment
increases, and as records are increasingly respected.

People who want to offer a reliable forwarding service to their users
already need to be thinking about rewriting sender addresses.

It might take a few years, but I'm convinced that we'll look back on SPF
deployment in the same way that we look back on the campaign against open
relays some years ago.
--
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/