spf-discuss
[Top] [All Lists]

Re: [spf-discuss] How can one alert domain admins of broken spf records

2006-06-08 07:47:57
On Thursday 08 June 2006 10:29, Stuart D. Gathman wrote:

Scott wants me to mention that sending DSNs is a good way to complain
about broken SPF records.  For instance, in case of PERMERROR, I send
a DSN like this example :

... 

In addition, if the DSN is not accepted, I immediately BLACKLIST the
sender for a week.  Subsequent emails from the sender make great
bayes filter auto-training fodder.

"Lax" processing means applying various heuristics to try and guess
what the sender really meant.  In the above example a heuristic
might guess that the sender really meant "ip4:216.14.17.191/32"
[makes note to add that heuristic to pyspf].  This does *NOT* change
the SPF result.  The Received-SPF: header still says permerror.
I add an X-Guessed-SPF: header to record the heuristic result.

I think that this sort of discussion is an example of the types of things one 
can do when checking SPF in the MTA that are rather more difficult to do in a 
post-SMTP processor like SpamAssassin.  I think that the SA approach is good 
when you have no other options, but that one ought to check SPF before SA 
when one can.

Scott K

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

<Prev in Thread] Current Thread [Next in Thread>