[spf-discuss] SPF PASS spam is good (was: advice wrong, or is it?)

2007-12-22 13:54:00
Bill Adragna wrote:

> But they will change their SPF record every day.... won't they?

Maybe.  For you as receiver an SPF PASS from an unknown stranger
buys time: you can accept it, analyze it thoroughly, and if you
don't like it after your analysis you can bounce it.

Whether it was really spam or not, your bounce won't hit any
innocent bystanders.  If it was a "false positive" the legit sender
can try to bypass whatever triggered your erroneous analysis.

With NEUTRAL mail (neither PASS nor FAIL, ignoring SOFTFAIL for
the moment) you need to arrive at a "reject or accept" decision
during the SMTP session, and if your "quick analysis" was wrong
you accepted a mail that you can't bounce later if it turns out
to be spam (bouncing to a likely forged MAIL FROM is net abuse).

So you're forced to drop it.  And if it was a "false positive"
the legit NEUTRAL mail is lost.  With SPF PASS mail you're not
forced to drop spam, "false positive" or not; you can simply bounce it.
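The decision flow described above, as an added example that is not part of the original post and not anyone's production MTA code.  It assumes the SPF evaluation of MAIL FROM has already been done upstream and is handed in as a result, and that "quick" (in-session) and "thorough" (post-acceptance) spam verdicts come from some scanner; both are stand-in booleans here.  SOFTFAIL, which the post sets aside, is treated like NEUTRAL as an assumption.  The point it makes executable is that a DSN is only backscatter-safe when SPF passed, so only PASS mail can be accepted first and bounced later.

```python
from enum import Enum


class Spf(Enum):
    """Outcome of SPF evaluation on MAIL FROM (assumed to be done by the MTA already)."""
    PASS = "pass"
    FAIL = "fail"
    SOFTFAIL = "softfail"
    NEUTRAL = "neutral"
    NONE = "none"


class Action(Enum):
    REJECT = "reject during the SMTP session (5xx; the sender's MTA handles any DSN)"
    ACCEPT = "accept (250) and analyze after the session"
    DELIVER = "deliver to the mailbox"
    BOUNCE = "send a DSN to MAIL FROM"
    DROP = "discard silently, no DSN"


def bounce_is_safe(spf: Spf) -> bool:
    """A DSN cannot hit an innocent bystander only if the MAIL FROM domain
    authorized the sending IP, i.e. only on SPF PASS."""
    return spf is Spf.PASS


def smtp_decision(spf: Spf, quick_looks_spammy: bool) -> Action:
    """Decision taken while the SMTP session is still open."""
    if spf is Spf.FAIL:
        return Action.REJECT
    if spf is Spf.PASS:
        # Accepting buys time: whatever the thorough analysis says later,
        # a bounce goes to a sender that really used this path.
        return Action.ACCEPT
    # NEUTRAL / NONE (and SOFTFAIL, treated the same here as an assumption):
    # the session is the only point where refusing the mail is harmless,
    # so the quick verdict has to carry the decision.
    return Action.REJECT if quick_looks_spammy else Action.ACCEPT


def post_acceptance_decision(spf: Spf, thorough_says_spam: bool) -> Action:
    """Decision taken after 250, when the thorough analysis has run."""
    if not thorough_says_spam:
        return Action.DELIVER
    # Spam verdict (right or wrong): bounce only where that is backscatter-safe.
    return Action.BOUNCE if bounce_is_safe(spf) else Action.DROP


def handle(spf: Spf, quick_looks_spammy: bool, thorough_says_spam: bool) -> list[Action]:
    """Full trace of what happens to one message."""
    first = smtp_decision(spf, quick_looks_spammy)
    if first is Action.REJECT:
        return [first]
    return [first, post_acceptance_decision(spf, thorough_says_spam)]


def sender_notified(actions: list[Action]) -> bool:
    """True if the sender gets any signal that the mail did not arrive.
    A legit mail that ends in DROP is simply lost."""
    return Action.REJECT in actions or Action.BOUNCE in actions


def scenarios() -> dict[str, list[Action]]:
    """Constructed cases tracing the argument (not real traffic)."""
    cases = {
        # PASS: the quick verdict is irrelevant, the thorough one decides,
        # and a wrong thorough verdict still reaches the sender as a bounce.
        "pass, quick flags it, thorough clears it": (Spf.PASS, True, False),
        "pass, thorough flags it": (Spf.PASS, False, True),
        # NEUTRAL: whether the thorough verdict is right or a false positive,
        # the outcome is the same silent drop.
        "neutral, thorough flags it": (Spf.NEUTRAL, False, True),
        "neutral, quick rejects it": (Spf.NEUTRAL, True, False),
        "fail": (Spf.FAIL, False, False),
    }
    return {name: handle(*args) for name, args in cases.items()}


if __name__ == "__main__":
    for name, actions in scenarios().items():
        flag = "sender notified" if sender_notified(actions) else "SILENT LOSS if legit"
        print(f"{name:45s} {[a.name for a in actions]}  ({flag})")
```

The asymmetry the post argues for falls out of the two decision functions: for PASS mail the in-session verdict never matters and a wrong post-acceptance verdict is visible to the sender; for NEUTRAL mail the in-session verdict is the only one that can refuse safely, and anything flagged afterwards is lost without notice.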
