At 09:41 AM 7/4/2004 -0400, Koen Martens <spf(_at_)metro(_dot_)cx> wrote:
I've taken the lead on this, and am enquiring whether anyone on the list
here is an ISP, can provide me with some input on how they did roll out
spf or how they are planning to do so. What issues should ISP's take
into account?
Maybe we want to provide standard letters ISP's can send to their
customers. Checklists for the technicians, that kind of stuff.
Anything would help!
Koen
****************** REPLY SEPARATER *******************
For us it was really quite simple. We do not allow our customers to run
servers without prior approval. We know about any legitimate mail servers
in our IP space, and so far none have not asked to have SPF records added.
For domains that we provide both mail services and DNS services, we added
the SPF records without consulting them (they would not know how to respond
if we asked anyway). These are mostly pain-in-the-ass vanity domains, and
if they were to complain, we would probably tell them to take their
business elsewhere. For the amount of revenue they bring in, it is not
worth wasting any time on.
From day 1 we used -all, because it helps us in our battle with illegal
servers.
This may seem like a rather harse policy, but we find it best to lay out
the ground rules right up front, instead of covering up the problems with a
wishy washy policy. ALWAYS get the customer to sign the terms and
conditions of service. That covers yourself when it is time to cut the cord.
J.A. Coutts
Systems Engineer
Alberta Independent Internet