spf-discuss

Re: Handling of -all

2005-02-10 03:24:42
Tony Finch wrote:

I think the best advice at the moment is to do both of these things. SPF
is probably a reasonable SpamAssassin test, but it isn't accurate enough
to be the sole reason for rejecting a message.

I do publish -all, because the damage that is done by fake messages pretending to come from our domain is much larger than the potential danger of being rejected because of forwarding. I therefore expect other domains to reject based on that policy. To quote Scott Kitterman:

(3) Originating domains MUST publish -all policies only after they understand
the potential consequences and believe that the risk of some messages is
worth the benefits associated with the policy (that would be me by the way).

and

SPF verifiers SHOULD reject messages that fail a -all test

As we expect others to reject on -all, the same is performed at our mail boundary. The largest problems we see nowadays are not unforeseen rejections, but plain IP blocks (verizon.net for example).

Best regards,

--
Rene Barbier

