spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[spf-discuss] SPF Feedback

2006-06-05 10:55:56
from [Philip Hachey] [Permanent Link] 

Topic: Other
Name: Philip Hachey
Organization: City of Cornwall (Ontario, Canada)

I integrated SPF checking on our incoming mail filters in August, 2005 and we 
have had overall positive experiences.  I integrated Mark Kramer's 
sendmail-milter-spf into our filtering MTA:
- Pentium III 866
- 2304 MB RAM
- 9 GB U160 SCSI HDD
- White Box Enterprise Linux 3.0
- Sendmail 8.13.5
- Perl 5.8.8 including: Sendmail::Milter 0.18, Net::CIDR 0.11, Mail::SPF::Query 
1.999.1, and Mail::SRS 0.31
- Server also Uses MailScanner, SpamAssassin, ClamAV, DCC, Pyzor, Razor, and 
some custom black lists.

Almost no maintenace has been required of the SPF checking components in the 
more than nine months of usage.

I had to whitelist one domain which our users correspond with which had 
published hard fail and incorrect SPF records (they never responded to or acted 
on my requests to fix their records).

Initially, I had a bit of a problem knowing which implementation of SPF 
checking to go with, but some experimenting and mailing list discussion helped 
to me to figure that out.  Definitely, checking that's already built into an 
MTA like Sendmail would make this a whole lot easier.

While I do publish SPF records internally to ease some administration, I've 
nerver published public SPF records.  That's because we use third-party DNS 
hosting, and they claim not to have the ability to create TXT records.  
Eventually, when we take over external DNS hosting ourselves, I will publish 
the records.

Our filtering MTA processes two to three thousand incoming messages per day.  
SPF checking blocks, due to hard fails, around 50 to 100 messages per day.  I 
expect that this number would increase if SPF record publishing becomes more 
mainstream.  Soft fails add to the SpamAssassin scoring.  There are, on 
average, 175 soft fail messages per day.  Of those, the added scoring from SPF 
soft fails makes a difference in less than ten messages per day -- i.e. scoring 
by other means more likely than not catches spam before SPF soft fails are 
taken into consideration.

I hope that's informative and you may email me if you would like some 
additional information,
Philip Hachey

-- 
Message was sent via the SPF website contact form
<http://new.openspf.org/Contact>

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Next by Date:  Re: [spf-discuss] SPF Feedback, Scott Kitterman
Next by Thread:  Re: [spf-discuss] SPF Feedback, Scott Kitterman
Indexes:  [Date] [Thread] [Top] [All Lists]