-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
In message <CAH48Zfwke97+H66f3+MRqGkmha=MhA7tbzoSzRj2ELsw93ZK-
[email protected]>, Douglas Foster <[email protected]>
writes
> I would be happy to have you or anyone else explain to me
> (a) What data indicates that a non-trivial number of servers have
> SPF policies on their host name, and
> (b) How the answer to that lookup provides information useful to
> an evaluation decision.
I looked at the data from $DAYJOB$ for last Wednesday UTC (a typical day
I believe)
For email with a null "MAIL FROM" (which includes a certain amount of
spam as well as delivery status reports ...)
I see
dkim fail, spf fail: 11%
dkim fail, spf pass: 6%
dkim pass, spf fail: 14%
dkim pass, spf pass: 69%
$DAYJOB$ is coy about absolute numbers but the smallest category there
is more than 10 million and less than 100 million messages.
When I look at the spf=pass results I see more than 650,000 unique EHLO
strings. I think that qualifies as non-trivial.
Evaluation decisions at $DAYJOB$ are very complex indeed; but that 11%
will not be an issue RSN (because of "no auth no entry" policies)
YMMV ... but I would be interested in learning what sort of volume you
are drawing conclusions from.
- --
richard Richard Clayton
Those who would give up essential Liberty, to purchase a little temporary
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755
-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1
iQA/AwUBZmXmrd2nQQHFxEViEQJi/QCgqBl0/6ll/WSu+KKt7qNzE8LPJBAAoM6W
4xmGfD6kE8ikBoD87vv1dvgq
=wD4z
-----END PGP SIGNATURE-----
_______________________________________________
dmarc mailing list -- [email protected]
To unsubscribe send an email to [email protected]
