I ran some stats on my logs for Feb thru June 2005:
Total Sessions : 36419
Total SPF Records : 1963 | 5.4%
The total sessions where the ones that were tested for SPF support. This
was already after >90% of the incoming connections were pruned before the
test was necessary. Of the ones tested, 5.4% had SPF records. So its
growing folks! This was nearly 1-2% last year!
---------------------------------------
SPF Result Breakdown
---------------------------------------
result | total | pct | null%
------ | ----- | ----- | -----
unknown | 11 | 0.6% | 0.0%
error | 1 | 0.1% | 0.0%
pass | 1242 | 62.2% | 21.7%
fail | 136 | 6.8% | 0.0%
softfail | 166 | 8.3% | 0.0%
neutral | 441 | 22.1% | 2.5%
total: 1997
What is significant here is the 21.7% number of passes based on a HELO check
when the return path is NULL% I need to check to see how much of this is
spammers or valid bounces. Most I know are legit bounces, but this also
shows that people are getting their machine SPF record set too.
---------------------------------------
SPF Average Time (milliseconds)
---------------------------------------
result | time | count | ave
------ | ------- | ------- | -------
unknown | 1982 | 11 | 180
error | 625 | 1 | 625
pass | 182481 | 1242 | 147
fail | 85620 | 136 | 630
softfail | 31714 | 166 | 191
neutral | 524149 | 441 | 1189
This basically shows how much time it took to perform the DNS lookup and SPF
processing. Notice how RELAX POLICIES put a higher burden on receiver
systems. This can't last in a wide adoption.
---------------------------------------
Non Pass/Fail SPF CBV Result Stats
---------------------------------------
Total Non Pass/Fail: 464
CBV Pass : 160 | 34.5
CBV Reject : 176 | 37.9
CBV Failed : 128 | 27.6
Finally, for the relaxed policies (or indeterminate, not PASS or FAIL)
session are passed thru our CBV and this shows that ~65% are bad systems
(rejected by remote or the host was bad - failed).
This further illustrates how Relax Policies will is a wasteful policies that
puts overhead on systems.
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com