ietf-mxcomp
[Top] [All Lists]

Re: SPF deployment, was RFC 3929 on Alternative Decision ...

2004-10-31 07:45:37
John Levine writes:


The amount of mail going through SPF tests is still small, and only a few
aggressively wacky sites block mail that fails SPF.

With the release of SA3.0, this is likely changing.

Small amount of mail tested, or few wacky sites?  Both, I suppose.

If people really are doing tests of SPF or Sender ID or other similar
schemes, I'd be most interested in hearing about the results,
particularly numbers of how much legit mail is tagged valid or
invalid, how much spam is tagged valid or invalid, and how spammers
are adapting/ Ciphertrust says they've seen more spam than good mail
pass SPF checks.  That doesn't surprise me, but their numbers were so
small that I'd like to see some confirmation.

After DNSBLs, SPF is my most successful spam filter.  Here's my
latest mail report (# of messages rejected/reason).

7951    550 User unknown.
6182    517 HELO mismatch
1310    502 ESMTP command error
1171    511 Blocked by www.spambag.org : Blocked
839     517 Sender Policy Framework error
81      551 DNS lookup failure
74      558-500-sam:558 500 Message rejected by recipient's mail filter (BCC).
67      Connection timed out
35      500 Microsoft virus refused.
22      550-The headers in this message contain improperly-formatted binary…
21      513 Relaying denied.
21      550-This message contains improperly-formatted binary content…
20      550-This message contains text that uses unnecessary base64…
14      517 Syntax error.
<= 10        79 errors for 44 types


SPF blocks ten times more spam than the next most common spam filter.  Also,
a fairly good portion of the "HELO mismatch" rejects would've probably been
caught by the SPF checks too.

I have occasional reports of false positives, but they were related to other
causes.  No false positives reported for SPF.

Attachment: pgp5oM5iNZVgO.pgp
Description: PGP signature