On Thu, 10 Feb 2005, Andy Bakun wrote:
I think the best advice at the moment is to do both of these things. SPF
is probably a reasonable SpamAssassin test, but it isn't accurate enough
to be the sole reason for rejecting a message.
This implies that SPF processing and SPF records will become more
accurate over time just by the virtue of existing. This is bogus, it's
like saying that we want 2+2 to equal 4, but today it equals the
inconvenient 5, but if we just wait long enough, it will equal 4 in six
months. The SPF process checks a fixed set of attributes about a mail
connection against a domain's specified SPF record. Given the same
inputs, the output should be exactly the same every time -- it is only
as accurate as the inputs.
The processing of SPF records and how to specify an SPF record that is
accurate for any given domain is well laid out. Anyone who sets up an
SPF record should make sure that it either reflects how their network
currently operates or how they want it to operate. If they are
specifying how they their network to operate, then they must be
proactive in migrating their network to their ideal setup. These things
don't happen by themselves.
I think the original poster meant to imply that if we just wait long enough,
admins around the world will do what you just described, and make
both their SPF records and their email configs more accurate. He wasn't
expecting the bits to spontaneously undergo beneficial mutations,
but rather that intelligent agents would bring about needed changes.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.