Frank Ellermann <nobody(_at_)xyzzy(_dot_)claranet(_dot_)de> wrote:
SPF (both v=spf1 and spf2.0, there is no "v=pf2.0") allows
to log DNS queries. That's documented in the v=spf1 draft:
With SPF's "exists:"-mechanism it's possible to log when
somebody tries to evaluate the policy.
Result of this experiment (last state that I've heard of):
Absolutely nobody evaluates "spf2.0/pra". This "opt-out"
strategy from the PRA-experiment does not work.
Well here are some current stats since I do log.
Data sample: Oct 26 to Dec 9, 2005
Logged entries are queries that have failed SPF checks.
Successful matches are not logged. There is no need to put
an undue burdon on good email. I would only do that if I were
doing an official statistics monitoring. So, these numbers
are to be taken as anecdotal.
DNS servers querying v=spf1 records: 5216
DNS servers querying spf2.0 records: 828
DNS servers querying only spf2.0 records: 152
doing the math, servers checking both: 676
total raw v=spf1 queries: 56097
total raw spf2.0 queries: 7334
So, yes, the other guys are catching up in usage.
-Mike Elliott
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com