In
<Pine(_dot_)LNX(_dot_)4(_dot_)58(_dot_)0410061129590(_dot_)7769(_at_)snoopy(_dot_)smi(_dot_)sendmail(_dot_)com>
Rand Wacker <rand(_at_)sendmail(_dot_)com> writes:
I agree and have seen similar estimates to everything you say Carl, but
its important to note that without infrastructure upgrades then you can't
reliably reject mail that *fails* an SPF or SID check without causing a
false positive rate of nearly 20%
Can you provide any data to back up this 20% false-positive claim?
It is *FAR* higher than, for example, what the Spamassassin folks
found when setting up the scores for SA 3.0. It is also dramatically
higher than the stats for my personal domain and for other sources
that I've seen.
I can understand that many people would consider a even a 0.2% false-positive
rate to be unacceptably high and wouldn't reject email because of it,
so I'm not claiming that everyone should reject on SPF fail.
-wayne