spf-discuss

Re: [spf-discuss] Yahoo mail and Gmail policy explanation?

2011-02-10 08:57:38
Hello Martin,


MJ> The fundamental question I'm trying to get at is:
MJ> Should I bother setting up and maintaining SPF records if my domains are not
MJ> currently suffering from any forged identity problems?


Before answering your question it's important to make clear that
SPF is all about protecting a Domain's email Sending reputation &
thereby reducing forging of a Domain's email.  A Domain owner is able
to state with a choice of granularity which mail servers are
permitted to send authorised mail.

A Receiver can read a Sending Domain's SPF records in DNS to aid
rejection of non-authorised mail servers which likely will be spam.
If valid mail is sent via non-authorised mail servers a tight Sender
SPF record statement will say to a Receiver "Please feel free
to reject this email without further checks."

It follows that any reduction of spam is a side effect of using
SPF by making it easier to identify forged identity email.
Spammers using slack SPF statements for their own domains will
have a slack reputation for those domains & have spam detected
as usual by other methods. A spammer using a tight SPF record
statement makes it easier for a Receiver to reject spammer Domain
email via blocklists.


Answering your question: Yes, you should protect your domains
against forged identity problems before they occur.

This is about saving damage to your Domain's reputation &
mailserver downtime particularly in a commercial context.
You do not want to be tagged as sending spam!

Forged identity can create massive load on servers from Receiver
rejection emails interfering with legitimate email.

Setting SPF records after identity spoofing starts is too late; a
Domain will quickly be widely blocklisted by both specialist and
local Receiver blocking filters. Once blocklisted it may take
weeks to restore Domain reputation and get unblocked.

Many well known specialist centralised blocklists require
manual requests via webpage or other hoops including enforced
delay of 7 days or more before a blocklisted server retest or
blocklist reset.



MJ> I would do it happily
MJ> if it contributed to the internet community's fight against spam, but unless
MJ> major email service providers close the fake domain loophole, there doesn't
MJ> seem to be any point.

I don't see a problem choosing to use SPF with your Domains.

As above, SPF helps fight Domain forged identity; any spam
reduction is just a side effect. The more Domain Senders &
Receivers use SPF, the more spammers will find Domain forged
identity less useful and use their own domains which may be
spam blocked by other methods such as automated centralised
blocklists.


Re loophole: Are the email service providers filtering fake domain
emails identified as spam?

If Domain forged identity emails are being observed not being
rejected, causing aggro, perhaps you should consider POP3 collection
& a separate filter; http://keir.net/k9.html works fine and uses
external IP blocklists.


I feel it would be wrong to assume SPF & other reputation methods
are not being used to detect forged identity & non-authorised
Domain servers when scoring for email filtering.

It's not clear to me if scoring is used for statistics alone or
if a level of scoring is set that triggers a level of forged
identity email rejection.

I'd be surprised if forged domain email identified as spam is
getting past the filters. Forged domain emails rejected as spam
by the email provider should be passed to IP blocklists but not
Domain blocklists.

Likewise the service provider should be using advanced outbound
Sender email filters in order to try and identify outgoing
spam from their own servers.


-- 
Best regards,
 Shane                            mailto:shane(_at_)red(_dot_)nymcity(_dot_)com


