spf-discuss
[Top] [All Lists]

Re: [spf-discuss] How can one alert domain admins of broken spf records

2006-06-08 07:30:37
On Thu, 8 Jun 2006, Ramprasad wrote:

  I was going thru TFM ultimately , but it says SPF_NETUTRAL should be
treated as no record. But Spamassassin by default scores it 1.07. Should
I reduce the score then .. I think scoring such mail is against SPF
compliance. Wonder why it is done so in Spamassassin ? 

Spamassassin is simply using the SPF result as a factor in its weighted
decision.  It is not rejecting simply based on the SPF neutral result.

Scott wants me to mention that sending DSNs is a good way to complain
about broken SPF records.  For instance, in case of PERMERROR, I send
a DSN like this example :

-----------------------------
X-Mailer: "PyMilter-0.8.5"
        
<SRS0=6+o/Q=73=grrlnetwork(_dot_)com=3054a456155516a13186a37452309a292(_at_)mail(_dot_)bmsi(_dot_)com>
MIME-Version: 1.0
Content-Type: text/plain
To: 3054a456155516a13186a37452309a292(_at_)grrlnetwork(_dot_)com
From: postmaster(_at_)mail(_dot_)bmsi(_dot_)com
Subject: Critical SPF configuration error
Auto-Submitted: auto-generated (configuration error)
Message-Id: 
<SRS0=6+o/Q=73=grrlnetwork(_dot_)com=3054a456155516a13186a37452309a292(_at_)mail(_dot_)bmsi(_dot_)com>
Sender: "Python Milter"
        
<SRS0=6+o/Q=73=grrlnetwork(_dot_)com=3054a456155516a13186a37452309a292(_at_)mail(_dot_)bmsi(_dot_)com>

This is an automatically generated Delivery Status Notification.

THIS IS A WARNING MESSAGE ONLY.

YOU DO *NOT* NEED TO RESEND YOUR MESSAGE.

Delivery to the following recipients has been delayed.

        terrir(_at_)example(_dot_)com

Subject: Work as a Jonesboro Travel Rep: Free Travel, great pay, set your 
hours.. 

Your spf record has a permanent error.  The error was:

        Unknown mechanism found: 216.14.17.191/32

We will reinterpret your record using "lax" processing heuristics
which may result in your mail being accepted anyway.  But you or your
mail administrator need to fix your SPF record as soon as possible.

We are sending you this message to alert you to the fact that
you have problems with your email configuration.

If you need further assistance, please do not hesitate to
contact me again.

Kind regards,

postmaster(_at_)mail(_dot_)bmsi(_dot_)com
-----------------------------

In addition, if the DSN is not accepted, I immediately BLACKLIST the
sender for a week.  Subsequent emails from the sender make great
bayes filter auto-training fodder.

"Lax" processing means applying various heuristics to try and guess
what the sender really meant.  In the above example a heuristic
might guess that the sender really meant "ip4:216.14.17.191/32"
[makes note to add that heuristic to pyspf].  This does *NOT* change
the SPF result.  The Received-SPF: header still says permerror.
I add an X-Guessed-SPF: header to record the heuristic result.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com