Ian Eiloart wrote:
Actually, I'm finding SPF quite useful. Rejecting spf fails, spam scoring
on softfails, and limiting the exposure caused by whitelisting.
+1, whitelisting based on SPF or DKIM seems to work well for most
lists that transmit invalid "From" values (besides ADSP, it is quite
frequent to get, e.g., joe(_at_)NOSPAM(_dot_)example(_dot_)org(_dot_))
One question is whether SPF is a good method for selecting the
/second party signature/, for reputation checking, in case there is
no valid author domain's signature, but multiple valid signatures
are present. In facts, servers that run various virtual domains on
the same IPs cannot use rDNS to tell on behalf of which domain the
current transmission is meant to be.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html