spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Please stop publishing -all it is NOT time yet

2004-06-14 02:34:17
from [Koen Martens] [Permanent Link] 
On Mon, Jun 14, 2004 at 10:09:21AM +0100, David Woodhouse wrote:

On Mon, 2004-06-14 at 10:51 +0200, Koen Martens wrote:

Actually, the hops in between also need to do spf checking of course,
if they don't it doesn't matter wether you have -all ?all or
-hoolahoola .


OK. You've answered the question -- you evidently don't understand, and
you're publishing a record which is causing your clients' valid email to
be bounced.


Actually, if you'd take the time to notice who you're actually responding to 
you'd have noticed I am not the one who first gave rise to the question.
Second, if you'd taken the time to read my comments fully, you'd have seen the 
bit about 'for some domains it's feasible that blablabla'. Of course, it's not 
only the hops in between, but also the final receiving server that needs to do 
spf checking for your scenario to work out. 


Think about it. Your client sends a message to an address @infradead.org
which is actually just a forwarding address, and gets forwarded to
elsewhere. The intended recipient does SPF checking, and decides that
they're not going to accept the message in question from one of my
machines.

There are literally millions of domains out there forwarding mail
without SRS. By publishing a '-all' record you are saying that your
clients should not be permitted to send mail to those addresses.


No, YOU think about it. I publish -all on the domains I use for my mail, or my 
domains that are never used for mail. If I get a bounce, i know what to do. 
I'll let my clients decide what they want. But I will publish -all, and if 
something bounces, well I'll found out soon enough. 

I understand perfectly well what is going on where and how. I choose to do -all 
because I can afford to.



Anyway, isn't it supposed to bounce, instead of being silently dropped?


For the majority of users there isn't really a practical difference.
People are too stupid or lazy to read bounce messages, in general, and
most of the text in SPF bounce messages is misleading. 


See above.

Koen

-- 
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Send us money!  http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

Attachment: pgpVUX5tXGeRw.pgp
Description: PGP signature

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Best way to persuade ISP to trial SPF?, James Reather
Next by Date:  Re: Please stop publishing -all it is NOT time yet, David Woodhouse
Previous by Thread:  Re: Please stop publishing -all it is NOT time yet, David Woodhouse
Next by Thread:  Re: Please stop publishing -all it is NOT time yet, Teddy
Indexes:  [Date] [Thread] [Top] [All Lists]