-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
A bit of communication will go a long way here.
Since ~all is intended primarily for testing, it isn't really
a valid long term solution for your needs. As such your best bet
is to publish using ?all while going through the following process:
1: Identify the IP ranges your legacy customers send from.
2: Approve those ranges with ?[range ID] or +[range ID] where
the range ID can be by domain or numeric IP spec.
3: When done with step 2 change back to ~all for final testing.
4: When you are confident that all your legacy customers are covered
switch to -all.
This way you and your customers are protected, everyone's valid
e-mail gets through, and in the end everyone but the VXers and
spammers are happy.
It is more work, but I would hope that it is worth it to you.
John Dupuy wrote:
If this has been discussed at length before, I apologize, my searches so
far come up empty...
Two nearby colleges, one of them the Univ. of Missouri, have been using
SPF to reject spam. That would generally good. We have been publishing
SPF records for a long time.
Here is the bad: they seem to be automatically rejecting messages
outright "soft fail".
We chose "soft fail" on purpose. While nearly all customers use our mail
servers (directly or via SMTP auth), we have many thousands of legacy
customers, for a variety of reasons, who are not on our IP ranges that
send using our domain. We published the SPF records as a helpful hint,
not as an outright indicator of rejection.
That is the whole point of "soft fail" isn't it?
Anyway, we are strongly considering withdrawing our SPF record to help
our customers send legitimate mail. I'd hate to do that.
Have any of you encountered this kind of behavior? Any suggestions?
John
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription, please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
- --
Daniel Taylor VP Operations Vocal Laboratories, Inc.
dtaylor(_at_)vocalabs(_dot_)com http://www.vocalabs.com/
(952)941-6580x203
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFDXmGM8/QSptFdBtURAoD8AJwOv3dNktnC3vJ6i7ZZ0A34mCUeIQCdGhsg
L4VjhONof4gpUtTGEFA6hyU=
=J4+O
-----END PGP SIGNATURE-----
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com