[Top] [All Lists]

RE: Concluding the SPF and Sender ID experiments

2009-02-26 02:13:13

At 19:49 25-02-2009, MH Michael Hammer (5304) wrote:
I have no problem with RFC4406 and RFC4407 being moved to historic. I've

The change affects RFC 4405, RFC 4406, RFC 4407, and RFC 4408.

On the other hand, RFC4408 (SPF1) is fairly widely used by both senders
(published) and receivers (checked). I'm not prepared to throw a lot of
data points to the list at the moment but I am aware of receivers that
have used SPF1 checking as a strong indicator (high correlation) of ham
(pass) vs phishing (fail).

There is a note in RFC 4408 about the advice given in section 3.4 of RFC 4406 to publish both v=spf1 and spf2.0 records to avoid the conflict. A rough sample of domains using these specifications shows that they only publish v=spf1 records. Depending on the content of the record and on the context, that can lead to loss of mail. Using SPF1 fail as a strong indicator of phishing means that the receiver is using heuristics.

I'm fully aware that there are those who argue the forwarding issue

I am not bring up the forwarding issue as it would be more appropriate in a discussion about SPF internals.

I am not arguing that SPF is a magic bullet or that it stops SPAM. I am
asserting that it can be highly effective in certain contexts and it
would not be appropriate to move RFC4408 to historic.

RFC 4408 has been published as Experimental with a shelve life. What do you propose to do about that? The statu quo won't resolve the conflict between Sender ID and SPF.