spf-discuss
[Top] [All Lists]

More SPF statistic

2005-07-08 04:03:00
I ran some stats on my logs for Feb thru June 2005:

Total Sessions          :   36419
Total SPF Records       :    1963 |   5.4%

The total sessions where the ones that were tested for SPF support.  This
was already after >90% of the incoming connections were pruned before the
test was necessary.   Of the ones tested, 5.4% had SPF records.  So its
growing folks!  This was nearly 1-2% last year!

---------------------------------------
 SPF Result Breakdown
---------------------------------------
result     | total |    pct |   null%
------     | ----- |  ----- |   -----
unknown    |    11 |   0.6% |   0.0%
error      |     1 |   0.1% |   0.0%
pass       |  1242 |  62.2% |  21.7%
fail       |   136 |   6.8% |   0.0%
softfail   |   166 |   8.3% |   0.0%
neutral    |   441 |  22.1% |   2.5%
total:    1997

What is significant here is the 21.7% number of passes based on a HELO check
when the return path is NULL%    I need to check to see how much of this is
spammers or valid bounces.   Most I know are legit bounces, but this also
shows that people are getting their machine SPF record set too.

---------------------------------------
SPF Average Time (milliseconds)
---------------------------------------
result     |   time  |   count |   ave
------     | ------- | ------- | -------
unknown    |    1982 |      11 |   180
error      |     625 |       1 |   625
pass       |  182481 |    1242 |   147
fail       |   85620 |     136 |   630
softfail   |   31714 |     166 |   191
neutral    |  524149 |     441 |  1189

This basically shows how much time it took to perform the DNS lookup and SPF
processing.    Notice how RELAX POLICIES put a higher burden on receiver
systems.  This can't last in a wide adoption.

---------------------------------------
Non Pass/Fail SPF CBV Result Stats
---------------------------------------
Total Non Pass/Fail:   464
CBV Pass     :   160 |  34.5
CBV Reject   :   176 |  37.9
CBV Failed   :   128 |  27.6

Finally, for the relaxed policies (or indeterminate, not PASS or FAIL)
session are passed thru our CBV and this shows that ~65% are bad systems
(rejected by remote or the host was bad - failed).

This further illustrates how Relax Policies will is a wasteful policies that
puts overhead on systems.

--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com



<Prev in Thread] Current Thread [Next in Thread>
  • More SPF statistic, Hector Santos <=