spf-discuss
[Top] [All Lists]

[spf-discuss] Re: SPF TXT Questions re Effectiveness

2006-12-02 20:08:48
Julian Mehnle wrote:

I merely ment to say that I think you are seeing a difference between
  "I authorized this host to use my domain in the envelope sender"
and
  "I authorized this host to use my domain in the envelope sender, and
   I expect receivers to start rejecting mail from that domain if it
   becomes increasingly abusive"
where I don't see such a difference.  What does "authorization" mean if
others can't take you seriously for it?

A PASS from an unknown source means that a bounce won't hit innocent
bystanders.  A PASS from a known source means whatever you know about
the source (and a later bounce still won't hit innocent bystanders :-)

If you want "Pass" to mean nothing but "You can send bounces here",
then what is that worth?

Lots, e.g. you can defer your serious spam checks to post-SMTP time,
or to behind-the-border MTAs.  You can accept the mail on probation,
as it was in the good old times.  Without PASS or FAIL you're forced
to come to the correct accept or reject decision at the border MX.

Otherwise you've dropped the ball, either violating 2821 because you
drop some mails (incl. false positives) later, or violating RFC 2821
because you send NDRs to "the originator as indicated in the reverse
path", for NEUTRAL / NONE that means 80% innocent bystanders, all of
them entitled to report such bounces as spam under the lousy SpamCop
rules not demanding a SPF FAIL policy for such bounce reports.

This will cost you a static IP for a dedicated "bounce" MTA, where
it's less interesting if it's BL'ed.  Then it's again the problem of
the senders if they use such BLs.

There is no absolute trust.

ACK, a zombie would get a good HARDPASS or PASS or NEUTRAL or NONE
like the former owner of the infected box.  As far as I'm concerned
you can treat them all alike wrt reputation.  Not FAIL, that would
be wrong, just reject it.

Frank


-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to http://v2.listbox.com/member/?list_id=735

<Prev in Thread] Current Thread [Next in Thread>