In <x4is76kwa5(_dot_)fsf(_at_)footbone(_dot_)midwestcs(_dot_)com> wayne
<wayne(_at_)schlitt(_dot_)net> writes:
In
<Pine(_dot_)LNX(_dot_)4(_dot_)44(_dot_)0412111157590(_dot_)31092-100000(_at_)sokol(_dot_)elan(_dot_)net>
"william(at)elan.net" <william(_at_)elan(_dot_)net> writes:
really right now for HELO SPF checking. Would I be wrong to assume that
for every one HELO SPF test there are 10,000 MAIL-FROM SPF tests?
Considering the deployment of SpamAssassin 3.0 and the number of null
MAIL FROMs, I would guess that ration is far too high. It wouldn't
surprise me if the number was under 100 SPF MAIL FROM checks to 1 SPF
HELO check.
I have set up a tracking exists:%{l}._spf.%{d} to see. I would
encourage others to collect data via similar methods.
Well, it has been about two weeks since I added this tracking exists:
mechanism to my schlitt.net domain.
I have not been sending much email since then (only 8 posts to this
list), so my data is *very* limited. I have a three day TTL on my TXT
record, so nothing started to show up in my bind logs for a while.
Also, I'm sure that the email I send goes to many people who are on
the leading/bleeding edge of SPF deployment and is therefore very
biased.
Anyway, since I added this, had 46 hits on my SPF record, of which, 6
were contained "postmaster", and therefore were HELO checking. So,
not only is the ratio of HELO to MAIL FROM checking under my guess of
1 in 100 for me, but it is well under 1:10. That is a far cry from
William's guess of 1:10,000.
Real data is good. Again, I encourage others to put a similar tracking
exists: mechanism and collect more data.
For what it is worth, my SPF record looks like this:
@ TXT "v=spf1 exists:_h.%{h}._l.%{l}._o.%{o}._i.%{i}._spf.%{d} mx
a:footbone.%{d} -all"
-wayne