We have an automated SPF checking system in place for clients/partners/vendors 
and auto-notify them of invalid/malformed SPF records every three weeks.  The 
responsive ones got them fixed up, but I still have three die-hards that 
haven't made any changes.  Their domains are low-volume, so they probably 
haven't had a palpable issue.

I turned on SPF checking on our incoming email server about two or three months 
and notified domain holders who were sending legitimate email from bad IPs, and 
there, too, some fixed up their SPF records, but the majority didn't do 
anything.  So we keep rejecting those emails.  Most of them tend to be from 
auto-notify systems (bank statements, receipts for purchases from online 
stores, etc).  The recipients don't complain to the sender because they're not 
aware they were supposed to get an email, and since a human didn't send it, 
there's no one on the sending side chasing it down.  Most well-known cuplprit 
is Travelocity and their flight change notifications.  Too bad the travelers 
aren't getting notified.


-----Original Message-----
From: mailop [mailto:mailop-boun...@mailop.org] On Behalf Of Michael Orlitzky
Sent: Tuesday, May 16, 2017 8:20 AM
To: mailop@mailop.org
Subject: Re: [mailop] Many SPF failures lately

On 05/15/2017 12:34 PM, D'Arcy Cain wrote:
> My personal preference is to just bounce it and make them fix their 
> records but it is becoming a support problem because the senders are not 
> reading the bounce message which explains the problem and has a link to 
> a page with more detail.  They simply contact our users saying that it 
> must be our problem.

I usually respond with something like "the administrator of the sending
system told us to reject this message, you'll have to take it up with
him." Then if you ever hear from that guy, tell him to delete the SPF
record completely.

mailop mailing list

mailop mailing list

Reply via email to