spf-discuss
[Top] [All Lists]

Re: [spf-discuss] C/R Pros and Cons

2008-10-15 11:26:19
At 06:41 AM 10/15/2008 -0500, Roman Zimmermann wrote:

Don't forget that much legitimate email is sent by automated systems: mailing 
lists, shopping receipts, financial institution notifications, eBay 
notifications, system log monitors, and the like.  No one is there to respond 
to the challenge.  Send enough rejection notices to the software that runs a 
mailing list and you will be dropped from the mailing list.

The automated system should stop retries after the *first* reject.  Code 5xy 
means there is a problem on the sender side.  The sender is supposed to fix the 
problem before trying again.

A properly designed C/R system should *not* expect all senders to respond.  It 
should *not* increase the probability of a losing a legitimate message.  The 
message is going to the quarantine anyway.  A response will move it from the 
quarantine to the inbox.  No response just leaves it where it is.

I like Stuart's observation that 5xy "reject" in this case (a hypothetical C/R 
system) is in some sense a lie: the message is actually received and stored in 
a quarantine.  It just won't be "delivered" to the inbox until some event 
unrelated to SMTP takes place.  This event could be the sender responding to 
the challenge, or the recipient noticing a valid message in his quarantine, and 
clicking "Not Spam".

-- Dave





-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com