On 24 Jan 2020, at 8:02, Renaud Allard via mailop wrote:

> For me, only -all makes sense, all others are just as meaningful as
> having no SPF records at all.

The first 2 words there are the most important in the sentence.

An affirmative SPF result is very helpful to mid-sized receiving systems
for discriminating between high-value legitimate email and forgeries of
such messages for phishing purposes. It is easy for a family-sized
system to craft bespoke whitelisting for the handful of companies whose
mail they want and who are phishing targets. It is probably feasible for
giant receivers to just let a well-tended AI handle such issues. For
systems with hundreds to thousands of users, the administrative overhead
of tracking all of the legitimate sources of all phishing-targeted
senders individually is unworkable. However, using something like
SpamAssassin's whitelist_{spf,dkim,auth} features protects
authenticated messages by specific sender domains from being mistaken
for the phishing spam which looks so similar.
--
Bill Cole
[email protected] or [email protected]
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not For Hire (currently)
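
The following is an added illustration, not part of the message above and not SpamAssassin's own code: a simplified Python model of authenticated per-domain whitelisting, where an entry applies only when the receiving MTA recorded an affirmative SPF or DKIM result for the same domain that appears in From. The authserv-id `mx.receiver.example`, the domain `bank.example`, the function names, the sample messages and the exact-match comparison between the From domain and the authenticated domain are all assumptions made for the example.

```python
import email
import re
from email.utils import parseaddr

# Assumed values for this sketch, not taken from the original message.
TRUSTED_AUTHSERV = "mx.receiver.example"  # authserv-id our own MTA stamps
PROTECTED = {"bank.example"}              # phishing-targeted senders we want mail from

def passed_domains(msg):
    """Domains with an affirmative SPF or DKIM result recorded by our own MTA."""
    domains = set()
    for header in msg.get_all("Authentication-Results", []):
        authserv, _, rest = header.partition(";")
        if authserv.strip().lower() != TRUSTED_AUTHSERV:
            continue  # stamped by another host, so the sender could have written it
        for clause in rest.split(";"):
            m = re.match(r"\s*(spf|dkim)=pass\b", clause, re.I)
            if not m:
                continue  # softfail, neutral, none and fail are not affirmative
            prop = "smtp.mailfrom" if m.group(1).lower() == "spf" else "header.d"
            found = re.search(re.escape(prop) + r"=(\S+)", clause, re.I)
            if found:
                domains.add(found.group(1).rsplit("@", 1)[-1].lower())
    return domains

def allowlist_applies(raw):
    """True only when the From domain is protected AND authenticated."""
    msg = email.message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rsplit("@", 1)[-1].lower()
    return from_domain in PROTECTED and from_domain in passed_domains(msg)

# Constructed sample messages.
BODY = "From: Bank <alerts@bank.example>\nSubject: Statement ready\n\nbody\n"
LEGIT = ("Authentication-Results: mx.receiver.example; "
         "spf=pass smtp.mailfrom=bank.example; dkim=pass header.d=bank.example\n" + BODY)
SOFTFAIL = ("Authentication-Results: mx.receiver.example; "
            "spf=softfail smtp.mailfrom=bank.example\n" + BODY)
FOREIGN_HEADER = ("Authentication-Results: mx.other.example; "
                  "spf=pass smtp.mailfrom=bank.example\n"
                  "Authentication-Results: mx.receiver.example; "
                  "spf=pass smtp.mailfrom=bulk.example\n" + BODY)

if __name__ == "__main__":
    for name in ("LEGIT", "SOFTFAIL", "FOREIGN_HEADER"):
        print(name, allowlist_applies(globals()[name]))
```

Messages for which `allowlist_applies` returns False are not rejected by this check; they simply get no protection and go through normal filtering.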