spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [spf-discuss] How can one alert domain admins of broken spf records

2006-06-08 08:46:51
from [Scott Kitterman] [Permanent Link] 
On Thursday 08 June 2006 11:28, Arjen de Korte wrote:

I think that this sort of discussion is an example of the types of things
one can do when checking SPF in the MTA that are rather more difficult to
do in a post-SMTP processor like SpamAssassin.


SA doesn't have to be a post-SMTP processor, you can also run SA at SMTP
time and reject messages if you like.


That's true.  It would have been better if I'd said check SPF in a separate 
program that you can more easily customize.


I think that the SA approach is good when you have no other options, but
that one ought to check SPF before SA when one can.


Why not do both? Other than rejecting on SPF fail, at this moment there is
fairly little one can do with an SPF result code at SMTP time.


True, although I like Stuart's list of commonly forged domains to reject on 
SOFTFAIL/NEUTRAL idea.


If a sending system is already scoring enough points to be in the danger
zone for SA, the additional score on an SPF_NEUTRAL score might be just
enough to tip the scale. In itself, any of the default SA SPF scores
(slightly more than 1) will not nearly be enough to classify a message as
spam.


True in general.  I have been in the unfortunate position of having messages 
get filtered because of a combination of someone's custom rules and an 
implementation defect in the MUA I was using tripping INVALID_DATE which is 
an even lower scoring rule.  Perhaps I'm just a little sensitive having been 
burned in the past.

Fundamentally I think that SA is doing the right thing to do the job SA was 
designed to do.  Unfortunately for SPF, I think doing that may hurt the 
deployment of SPF.  Ultimately I think it would be useful for SA to have a 
more fine grained approach to SPF.  I'm not sure exactly what that should be 
at the moment.

Scott K

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [spf-discuss] How can one alert domain admins of broken spf records, Arjen de Korte
Next by Date:  Re: [spf-discuss] How can one alert domain admins of broken spf records, Scott Kitterman
Previous by Thread:  Re: [spf-discuss] How can one alert domain admins of broken spf records, Arjen de Korte
Next by Thread:  Re: [spf-discuss] How can one alert domain admins of broken spf records, Scott Kitterman
Indexes:  [Date] [Thread] [Top] [All Lists]