It seems to raise some feelings...
On 15-12-17 01:06, Noel Butler wrote:
On 15/12/2017 09:27, Grant Taylor via mailop wrote:
On 12/14/2017 03:28 PM, Brandon Long via mailop wrote:
My point is that -all is policy, and most people ignore the policy portions of
SPF because it completely fails a lot of forwarding cases.
Every postmaster (or organization behind them) has the prerogative to run their
mail server(s) the way that they want to.
Agreed, if I publish a -all (which I do and have done for a very very long
time), I expect receivers doing SPF processing of my domains messages, to honor
that! Who the hell are they to assume they know my network and its senders
better than me.
Also agreed. I run a very small private mailserver and publish a strict SPF
policy. I'm pretty sure many small organizations will find it easier to
implement SPF than DMARC. (Yes I'm also using DMARC.) Also I know for sure that
any mail not originating from my mail server is not a valid mail, so I'm
wondering a bit why some of you really like to accept mail that fails the
policy of the originating domain holder.
I'm a bit worried that when others don't honor my SPF policy, then I'm more at
risk because I'm less protected against people who forge email addresses. Sure
it is just a policy and other mail administrators can and should follow their
own reasoning, but being nice towards SPF-publishing senders (and getting less
spam by doing so) surely is an option to consider?
Forwarding cases, well... like DKIM / DMARC has no forwarding problems. Maybe
we should get rid of forwarding anyway but I get it that it is an important
consideration for some of us ;)
Cheers, Evert
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
