[Top] [All Lists]

[spf-discuss] Re: Google's SPF Record

2007-12-22 15:00:22
Julian Mehnle wrote:
how can we be sure that the rejection demons- trated on that
page is actually due to an SPF Fail?
| Apparently Gmail rejects SPF FAIL after DATA:

Well, "apparently" isn't the same "surely" :-)  Obviously they
looked at the DATA for their decision, so they likely use more
than only one indicator, otherwise they'd be wasting bandwidth.

And "more than one indicator" could include Dyn IP lists, or
looking for a DKIM PASS in the DATA overruling SPF FAIL, or any
combination up to sets where SPF FAIL plays no role at all.

BUT.   But check out the first link on my SPF "Google" page:

| Gmail supports multiple authentication systems, including SPF
| (Sender Policy Framework), DomainKeys, and DKIM (DomainKeys
| Identified Mail), so we can be more certain that your mail is
| from who it says it's from. Also, unlike many other providers
| that automatically let through all mail from certain senders,
| making it possible for their messages to bypass spam filters,
| Gmail puts all senders through the same rigorous checks.

*They* claim that they use SPF (among others), and what I got
confirms it.  Admittedly my evidence doesn't prove it, in fact
they obviously don't reject SPF FAIL a.s.a.p., they go to the
trouble to look at the DATA.

Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription: 
Powered by Listbox: http://www.listbox.com