ietf-mxcomp
[Top] [All Lists]

RE: [spf-help] Re: SPF and SenderID

2005-07-24 19:17:06

-----Original Message-----
From: owner-ietf-mxcomp(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-mxcomp(_at_)mail(_dot_)imc(_dot_)org]On Behalf Of Douglas 
Otis
Sent: Friday, July 22, 2005 1:05 PM
To: Scott Kitterman
Cc: MARID
Subject: Re: [spf-help] Re: SPF and SenderID




On Jul 21, 2005, at 7:43 AM, Scott Kitterman wrote:

I would say there is another option that should be considered.  Not
publishing SPF records.  Many recipients are rejecting '~' and '?'
which
creates an immediate problem for the sender with forwarding issues
that
depend upon this exploited feature.

I'm curious what the basis for this statement is.  Do you have
statistics?

No statistics.  I am repeating comments I have heard from
administrators at the meeting.  When perhaps a fraction of a percent
of non-abusive domains publish these records, saying 'many' would of
course be like describing the fleas of a flea.  It was not clear if
this was the result of some type of reputation response due to abuse
of the '?', which effectively says 'never mind'.  If you feel this to
be in error then '?'.  It does follow that I had expected and would
be a natural response when seeing this as means to prevent the
exploit of a neutral result.

-Doug

Some recent statistics posted on spf-discuss showed, IIRC, that Neutral was
not a strong spam sign.  Roughly half of Neutral results were classified Ham
and roughtly half as Spam.  Given that most e-mail being sent today is Spam,
Neutral results actually make a very poor indicator for Spam.

There are some popularly forged domains for which this is not true.  There
was also some recent discussion about strategies to deal with this.  I don't
recall anyone advocating outright rejection of all messages with Neutral
results.  The sensible strategy seemed to set thresholds and start to reject
once a certain number had been received in a certain period.

Softfail was a decent indicator of forged spam, much different than Neutral
as I recall.

Scott Kitterman


<Prev in Thread] Current Thread [Next in Thread>