Alex van den Bogaerdt wrote:
On Thu, Feb 10, 2005 at 10:30:11PM -0700, Commerco WebMaster wrote:
The joy of receiving some message stating "our advanced spam filter has
determined you sent the following" when it is an obviously forged from IP
address in another country is starting to wear a bit thin with me. Even
more so when said "advanced spam filter" company appears to pay no
attention to requests they consider implementing SPF support in their
software.
or virusscanner.
or one-time only opt-in confirmation.
or vacation message.
All the same.
"It's not stupid, it's *advanced*" -- The Tallest
While such behavior as you point to seems entirely inappropriate, it is
also not the fault of the SPF, those who publish SPF records for their own
domains or those who support published records in their MTA / SMTP software.
I think I see where you are going, but I really believe that the subjective
treatment of what should be an absolute is still not good design. Rather,
perhaps such things should be handled via an ~all with appropriate
modifiers.
But how is this going to happen? The DNS hoster doesn't know better
than to publish -all. Its customer doesn't know anything about SPF
at all. How is this situation going to magically change?
Same as SMTP misconfigurations have always changed.
As soon as mail starts bouncing, people complain, and the configuration
gets fixed.
The configuration almost never gets fixed until mail starts bouncing.
The *only* time this doesn't work is when BigCorp's mail server
is broken and doesn't get fixed, then all the small fry that deal with
them have to cope.
There are only a couple of BigCorps that I've seen on this list, and they
seem determined to get it right. I'm hopeful that this helps the situation
as a whole.
--
Daniel Taylor VP Operations Vocal Laboratories, Inc.
dtaylor(_at_)vocalabs(_dot_)com http://www.vocalabs.com/
(952)941-6580x203