You are missing where this is a GOOD thing. We WANT spammers to use
SPF. This will allow us to identify, publish, process,
shred, pillage,
burn, destroy the IP addresses that this stuff is coming
from. Nobody
is doing less stringent processing of the email that passes an SPF
check. It just makes it easier to block when identified.
How do you know the spammer has not bothered to include addresses of
legitimate MTAs? The obvious adaptive strategy would be to
disrupt this presumptive use of spammer's information as-if
it were trustworthy.
I am not looking at the SPF record at this point. I am looking at the
IP address they connected from.
Am I misunderstanding your question? This just seems too obvious to me.
The checks that I DON'T have to do are against the received from:
headers. I already know. If you want to call this 'reducing
filtering'
so be it. But it is a reduction because the check that you used to
have to run is no longer necessary.
The value of SPF is clear when white-listing as a means for
reducing false negative assessments.
SPF will never serve as a tool for blacklisting for what
should be obvious reasons. There is a risk presuming the
domain identified using SPF has not been spoofed somewhere in
the mail channel. SPF does not allow the IP address to be
trusted to allow address blacklisting beyond the current
connection, nor does SPF really allow the MAIL FROM mailbox
domain be trusted to a degree that would allow name
blacklisting, as it fails to accurately identify the entity
introducing the message. The mail channel is often shared
and there is no means to verify the channel is being checked
at either end of the administrative realms.
Please provide an example of how this would happen. I am completely
missing your chain of thought.
Regards,
Damon Sauer
*****
The information transmitted is intended only for the person or entity to which
it is addressed and may contain confidential, proprietary, and/or privileged
material. Any review, retransmission, dissemination or other use of, or taking
of any action in reliance upon, this information by persons or entities other
than the intended recipient is prohibited. If you received this in error,
please contact the sender and delete the material from all computers. 113