On Fri, Mar 19, 2004 at 02:58:40PM -0600, wayne wrote:
In <20040319203938(_dot_)GA25304(_at_)UnderGrid(_dot_)net> "Jeremy T. Bouse"
<jeremy+spf(_at_)undergrid(_dot_)net> writes:
On Fri, Mar 19, 2004 at 02:03:01PM -0600, wayne wrote:
In
<5B734AC36BC9714EB88451E6E2F043B1156048(_at_)alaia01(_dot_)alaia(_dot_)net>
Marc Alaia <marc(_at_)alaia(_dot_)net> writes:
This is a known "feature" of M:S:Q 1.996. Any time a host does not
exist (not just lacking a TXT record, but an NXDOMAIN), the SPF check
fails. [...]
I kind of like this 'feature' personally as it stops obvious
forged email which is the intent of SPF to stop forgeries that spammers
use to hide their identity.
SPF is not intended to be the final and ultimate solution to the spam
problem. SPF is intended to be a way for domain owners to communicate
their desired usage of their domain names to email receivers. If the
domain owner hasn't said that the SPF check should fail, it shouldn't.
I understand that point however if a domain is non-existent and
thus returns back a reply that only points to a GTLD Root server, as
atlaswebmail.com and Lamdforms.com currently do it might be safe to assume
mail shouldn't be coming from that domain. Receiving a NXDOMAIN vs. a
NOERROR is the key difference between a domain existing and a domain not
having any SPF data publish'd.
Checking for invalid hostnames and hostnames without MX/A records is a
common feature of MTAs. I've been using it on Exim for quite a while
now. I encourage you to use it also.
Actually Sendmail has had this as well for a number of years and
by far stops more spam than SPF or DNSBL's do.