> > On 02/02, Marc Perkel wrote:
> >> Why would you want to catch domains without SPF as SPF has no
> >> relationship to detecting spam?

> On 2/2/10 5:38 PM, "dar...@chaosreigns.com" <dar...@chaosreigns.com> wrote:
> > SPF is entirely about spam.

On 02.02.10 18:05, Daniel McDonald wrote:
> Sorry, but SPF is entirely about ham. 

Neither one. SPF is only about forging. The _only_ thing you can say is that
SPF_FAIL is forged e-mail. You can't say anything about SPF_*_PASS,
SPF_SOFT_FAIL etc. 

> We use SPF with vendors who want to
> ensure that we receive their mail.  They must either provide a valid SPF
> policy or use DKIM signing in order to be added to our whitelist.  It's
> specified in all of the bid documentation.

They _can_ start spamming you. You will only know it's really them who's
spamming. Or, that someone hacked into their servers or DNS.

> > If everyone uses SPF, all we need to block all spam is these rules
> > (SPF_NOT_PASS alone should do it), and a blacklist of domains that have
> > SPF records including IPs that send spam.
> 
> Spammers will often create a rule like spf=v1 all.  That always matches, so
> their mail is now SPF compliant.  Better to use it for personal
> whitelisting, and as an anti-spoofing filter (if it doesn't match our SPF
> policy, we didn't send it so it should be considered as SPAM)

Some time ago we were discussing a rule penalizing too-broad SPF...
"all" should probably have a rule (doesn't it yet?)

-- 
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I intend to live forever - so far so good. 
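
The "too broad SPF" check raised in this thread, as an added example that is not part of the original message and is not SpamAssassin's own rule code. It uses the RFC 7208 record syntax (`v=spf1 ... all`); the function name, finding labels and the /16-sized threshold are assumptions, and the sample records are constructed.

```python
import ipaddress

QUALIFIERS = "+-~?"  # RFC 7208: a mechanism without a qualifier means "+" (pass)

def spf_breadth(record, max_ipv4_hosts=65536):
    """Return findings for an SPF record that authorizes (nearly) any sender.

    max_ipv4_hosts is an assumed threshold (the size of a /16), not from the thread.
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return ["not-spf"]
    findings, ipv4_hosts = [], 0
    for term in terms[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, value = term.partition(":")
        name = name.lower()
        if name == "all":
            # "all" matches every sender; with "+" the record passes everything.
            if qualifier == "+":
                findings.append("all-pass")
            break  # mechanisms after "all" are never evaluated
        if qualifier != "+" or "=" in name:
            continue  # non-pass mechanisms and modifiers (redirect=, exp=)
        if name == "ip4":
            try:
                net = ipaddress.IPv4Network(value, strict=False)
            except ValueError:
                findings.append("bad-ip4:" + value)
                continue
            ipv4_hosts += net.num_addresses  # upper bound: overlaps count twice
    if ipv4_hosts > max_ipv4_hosts:
        findings.append("ip4-too-wide:%d" % ipv4_hosts)
    return findings

# Constructed sample records (not taken from real domains).
SAMPLES = [
    "v=spf1 all",
    "v=spf1 ip4:192.0.2.0/24 mx -all",
    "v=spf1 ip4:0.0.0.0/1 ip4:128.0.0.0/1 -all",
]

if __name__ == "__main__":
    for rec in SAMPLES:
        print(rec, "->", spf_breadth(rec) or "ok")
```

A record that ends in `-all` but lists the whole IPv4 space in `ip4:` mechanisms is as permissive as `+all`, which is why the example counts authorized addresses as well as checking the final qualifier.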
