Dnia 7.04.2025 o godz. 19:59:11 Klaus Ethgen via mailop pisze: > > SPF without -all is technical useless.
No, it isn't. "~all" can for example be interpreted by the receiving system as accept the mail, but assign to it higher score in antispam filter, so if another signs of "bad" mail appear in the message as well, it is more likely to be filtered out. This is in fact very common approach. Or put it into quarantine. Or greylist it. There are many possibilities. "Good"/"bad" mail filtering is more of a continuous spectrum than a simple binary yes/no classification. Also, finally it's up to the receiving system, not you, whether it will honor "-all" (it is also quite common to treat "-all" as in fact "~all"), or whether it will honor SPF *at all*. Myself for example I deliberately chose NOT to check neither SPF, DKIM nor DMARC on *incoming* mail (although I have those set up for *outgoing* mail to satisfy stupid - IMHO of course - receivers who require them), relying solely on RBLs, manual blocklists and content check. But if I *would* check SPF, and I would notice a large number of SPF failures for some domain which would seem to be legitimate mail, I would just either ignore "-all" or ignore SPF completely for that domain. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
