Hector Santos schreef:
With a local user conservation about SPF, he told me that GMAIL was
supporting SPF and you can see the headers via their web mail client.
He didn't show me complete details of the headers, but based on what he
showed, it didn't seem GMAIL was doing something that didn't seem quite
kosher.
In short, it seems like GMAIL is doing non-SPF checks and putting the
results in Received-SPF: headers as PASS.
Example:
Received-SPF: pass (gmail.com: best guess record for domain of
root(_at_)abusecore(_dot_)charter(_dot_)net designates 209.225.29.51 as
permitted sender)
What I was telling the user is that I don't see this domain as supporting
SPF or has SPF records so I don't see how GMAIL can write a PASS result in
the Received-SPF header.
All I can see is that the domain A record of the IP. But that's it.
Anyway has any comment on this?
From 'Mail::SPF::Query' module (1.997):
Set C<guess=E<gt>1> to turned on automatic best_guess processing.
This will use the best_guess SPF record when one cannot be found
in the DNS. Note that this can only return C<pass> or C<neutral>.
By default, the mechanism 'a/24 mx/24 ptr' is used then, which explains
the above mentioned result. It's a matter of taste if you want to use
this. Since it will either provide a 'pass' or 'neutral' result,
personally I find it pretty useless.
Arjen
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com