On Thu, Jun 08, 2006 at 06:03:32PM +0530, Ramprasad wrote:
I face sometimes, that SPF records of few domains are broken.
I was wondering if there was a generic way possible for bringing this to
the notice of the DNS administrators of that domain.
Today I noticed genuine mails from from hcl.in hitting SPF_NEUTRAL. I
know I should actually be rejecting the mails at the MTA but that is a
policy decision. My boss wont agree to that until "everyone" implements
SRS :-(
The example you give is NOT a broken SPF record. It is allowing
hosts 203.76.135.78, 203.105.185.19, 203.105.185.20, 203.105.186.19
and 203.105.186.20 to send mail using that domain. In addition, it
asks you NOT to reject mail from other servers.
BTW
What is the difference between SPF_SOFTFAIL SPF_NEUTRAL and SPF_HARDFAIL
or should I RTFM :-)
I think RTFM would indeed be a good thing for you. But here is the
short answer:
Softfail and hardfail are error conditions.
Neutral is a decision made by the publishing party, and effectively
asks you to process the message as if no SPF record was available.
It certainly does not mean you should reject the message, au contraire.
Would you be rejecting such mail, you would not be SPF compliant. At
least, if you would claim you rejected it due to SPF. Of course you
are free to reject spam, viruses, or any mail for that matter; just
don't blame it on SPF.
alex
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com