On Wed, 2006-02-22 at 01:37 -0500, John Kelly wrote:
On Wed, 22 Feb 2006 01:09:07 -0500, Mark Shewmaker
<mark(_at_)primefactor(_dot_)com> wrote:
But you're still susceptible to false-negatives when sid-milter does PRA
testing by looking at v=spf1 records for scopes other than mfrom.
Maybe. But the mail situation has reached crisis stage. It's time to
shoot first and ask questions later.
If that is your goal, it would be simpler, and probably more efficient,
if you simply randomly rejected some percentage of your incoming email.
However, I do find it hilarious that our very mailing list happens to
show real-world evidence of flaws in SenderID that show it to be
unusable.
Note that you rejected a message which:
1. Had a MAIL FROM domain with a published a v=spf1 record
written for spf "scope" only, and
2. Happened to have a body header From: with a domain that
had published a v=spf1 record written for spf "scope"
only,
but yet used a tool that has in its design the interpretation of these
records under a meaning that's not what the domain owner(s) intended.
So it's no wonder that you're losing valid mail.
It's exactly what I would expect to happen, and I thank you for bringing
to our attention experimental evidence showing that it does indeed
happen.
However, you are free (other than possible patent concerns) to continue
using your chosen method of rejecting mail if you wish. Just don't
expect anyone to alter their published records in such a way as to make
your misinterpretation result in answers more in line with what you
want.
--
Mark Shewmaker
mark(_at_)primefactor(_dot_)com
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com