[119973] in North American Network Operators' Group
Re: AW: SPF Configurations
daemon@ATHENA.MIT.EDU (John R. Levine)
Fri Dec 4 20:55:04 2009
Date: 4 Dec 2009 19:54:11 -0500
From: "John R. Levine" <johnl@iecc.com>
To: "Andre Engel" <andre.engel@fhe3.com>
In-Reply-To: <001001ca753f$bee63db0$3cb2b910$@engel@fhe3.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
>> Right. The only major mail system that pays attention to SPF is
>> Hotmail, but there are enough small poorly run MTAs that use it that
>> an SPF record which lists your outbounds and ~all (not -all) can be
>> marginally useful to avoid bogus rejections of your mail.
>
> For example :
> [ various large ISPs that publish SPF ]
Perhaps this is a language problem. In English, "publishes" is not a
synonym for "pays attention to." As I said, you need to publish SPF
to get mail into Hotmail. That's why people do it.
> I know there is a problem so far with forwarded emails but there is also a
> solution :
> [ hoary SRS proposal to change every SMTP server in the world to make them
> match what SPF does ]
Sigh.
> Every time a mail arrives that is an SRS address the password and timestamp
> could be checked, and faked or outdated recipients could be rejected.
You might want to look at BATV, which has nothing to do with SPF, but
I have found is quite useful for recognizing spam blowback.
R's,
John
PS:
> This message (including any attachments) is the property of FHE3 and may
> contain confidential or privileged information. Unauthorized use of this
> communication is strictly prohibited and may be unlawful. If you have
> received this communication in error, please immediately notify the sender
> by reply e-mail and destroy all copies of the communication and any
> attachments.
Our policy is to send messages with confidentiality notices to all of
your competitors.
