On Sat, Sep 03, 2005 at 04:58:26PM -0700, Gaven Henderson wrote:
So, can somebody explain to me the functional difference between neutral and
softfail?
Neutral: act as if the SPF record wasn't present. We make no statement
at all about the connecting host.
Softfail: do not yet reject this mail. We're almost sure we got it right
but people do make mistakes. The connecting host will be one
to reject once we changed our record into hardfail, or maybe
we need to move this host to the other side.
Some valid policies:
"v=spf1 ?all" : We've heard about SPF. We explicitly announce we won't
take part in it.
"v=spf1 ~all" : We're almost sure this domain isn't used for email. However,
it could be that we overlooked something. Please do not
reject and please do let us know.
"v=spf1 -all" : We're absolutely sure this domain isn't used for email.
Please do not accept this message or at least do not bother
us with bounces, out-of-office messages, virusscanner crap
and any other spam you are emitting yourself.
"v=spf1 +all" : Either we're stupid or we do spam.
AOL-kind of policies:
"v=spf1 ip4:..../24 ip4:../16 ?all" We know for sure mail coming from the
announced address blocks is good. We cannot say anything
about other mail as we allow our users to use their email
address from any computer in the world.
"v=spf1 -ptr:... -ptr:... +ip4:.../24 ?all" Mail can come from anywhere
except from the blackholed addresses. We vouch for mail
from our netblock.
Large corporate policy:
"v=spf1 a:mailout.emea.example.com
a:mailout.example.com
a:mailout.pacific.example.com
a:heracles.example.org
-all"
We deliver mail from three mailhosts and we allow our
advertisement buro to use our name. All others are not
allowed
Alex
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com