----- Original Message -----
From: "Dennis Willson" <taz(_at_)taz-mania(_dot_)com>
In other words:
PASS - ACCEPT
FAIL - REJECT
OTHER - MORE WORK
Actually I look at as:
PASS - More work
FAIL - REJECT
OTHER - More work
I believe the only meaningful result is FAIL. PASS doesn't mean
anything but that it's not forged, it still needs to be
scanned for Spam, etc...
I agree that there is less trust in a SPF PASS than a SPF REJECT. I once
outlined this as an inequality during early discussions.
We leave it up to the SYSOP as to how to handle the SPF result. From our config
file:
; SPF can return low trust results. A pass means the sender has
; a valid SPF record and is accepted. Softfail and Neutral means
; no match is found but rejection is not automatic. Setting a
; true accept can provide a loophole for potential spoofers who have
; SPF records. The options below allow you to control this.
Accept-SPF-Pass True ; if false, continue testing
Accept-SPF-SoftFail False ; if false, continue testing
Accept-SPF-Neutral False ; if false, continue testing
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com