John Levine writes:
The amount of mail going through SPF tests is still small, and only a few
aggressively wacky sites block mail that fails SPF.
With the release of SA3.0, this is likely changing.
Small amount of mail tested, or few wacky sites? Both, I suppose.
If people really are doing tests of SPF or Sender ID or other similar
schemes, I'd be most interested in hearing about the results,
particularly numbers of how much legit mail is tagged valid or
invalid, how much spam is tagged valid or invalid, and how spammers
are adapting/ Ciphertrust says they've seen more spam than good mail
pass SPF checks. That doesn't surprise me, but their numbers were so
small that I'd like to see some confirmation.
After DNSBLs, SPF is my most successful spam filter. Here's my
latest mail report (# of messages rejected/reason).
7951 550 User unknown.
6182 517 HELO mismatch
1310 502 ESMTP command error
1171 511 Blocked by www.spambag.org : Blocked
839 517 Sender Policy Framework error
81 551 DNS lookup failure
74 558-500-sam:558 500 Message rejected by recipient's mail filter (BCC).
67 Connection timed out
35 500 Microsoft virus refused.
22 550-The headers in this message contain improperly-formatted binary…
21 513 Relaying denied.
21 550-This message contains improperly-formatted binary content…
20 550-This message contains text that uses unnecessary base64…
14 517 Syntax error.
<= 10 79 errors for 44 types
SPF blocks ten times more spam than the next most common spam filter. Also,
a fairly good portion of the "HELO mismatch" rejects would've probably been
caught by the SPF checks too.
I have occasional reports of false positives, but they were related to other
causes. No false positives reported for SPF.
pgp5oM5iNZVgO.pgp
Description: PGP signature