spf-discuss
[Top] [All Lists]

Re: Time to start rejecting on neutral?

2005-05-17 05:30:24

Either that, or you switch to a provider that doesn't allow
cross-customer forgery.
The only problen is that there are none or virtually none of those.

Aren't the worries about cross-customer forgery a little bit academic?

For shared (and properly administered!) MTA's, I think an SPF 'pass' would
be closer to reality than a 'neutral' response (even if cross-customer
forgery can't be ruled out). Another customer who is abusing your domain
could be tracked down with no problem at all. If you don't trust the
administrator of this MTA to quickly terminate said (ab)users account upon
notification of this, you really need to find another one.

The only place where I consider a neutral response useful is in '?all',
where it has become (like people already predicted) almost an invitation
for spammers to abuse that domain. I agree with the people suggesting that
'softfail' and 'neutral' should be considered 'temporary' results and that
administrators should work towards a clear 'pass' or 'fail'.