spf-discuss
[Top] [All Lists]

Idea! Let's force adoption.

2004-10-09 15:10:59
I have a dastardly devious device in mind to help the slackers along. I'm
looking for feedback, or, if someone else has already tried this and gotten
bloodied by their user base, I'd like a heads up.

The Plan:

Put SPF records on the DNS serving your MX records.

Output a bounce message for an SPF-Fail (duh!).

Be polite (no message) for an SPF-softfail (at least they are working on an
implementation).

Output a bounce message for an SPF-Unknown (like, they don't have the TXT
records).

Here's where it gets cute! The bounce goes to the sender, not the
Postmaster. Postmaster messages are often ignored. The messages says (edited
nicely, of course, and with links to supporting doc pages):

Your email system has failed to identify it's proper users via SPF records.
Please contact your sysadmin and get them on the stick! Your message was
actually delivered, but with this warning. To avoid further warnings of this
nature, get your act together. Following 31 December, 2004 (pick your date
here), the messages will NOT be delivered until/unless you get with the
program.

If everybody does this, then we'll go from 150K DNS records fixed, to
millions.

The non-compliant systems need not implement SPF Checking on inbound
messages, they simply must provide us the one-liner to identify themselves.
If they want to reduce the spam, then they need the SPF lookups inbound of
course. We'd make all this clear in the bounce message.

Dan Barker, President
Software Projects, Inc.


<Prev in Thread] Current Thread [Next in Thread>