On 10/6/04 2:36 PM, "Rand Wacker" <rand(_at_)sendmail(_dot_)com> wrote:
I agree and have seen similar estimates to everything you say Carl, but
its important to note that without infrastructure upgrades then you can't
reliably reject mail that *fails* an SPF or SID check without causing a
false positive rate of nearly 20%
So SPF and SID are useful to allow whitelisting of the 80% or so of
messages that *pass* checks (and are on the associated whitelist), but
will probably not be useful for anti-forgery checks.
Correct. We would not reject if SPF or SID fails, but could consider it more
"whitelisted". And this is what we are doing today and hope to do more of in
the future.
It aint purrrrfect. But it does help.
--
Carl Hutzler
Director, AntiSpam Operations
America Online Mail Operations
cdhutzler(_at_)aol(_dot_)com
703.265.5521 work
703.915.6862 cell