On Wed, May 11, 2016 19:18, Alice Wonder wrote:
>
> I've found that legitimate mail fails SPF too often to reject. Problem
> is system administrators don't keep the policy up to date as the
> network changes, or they don't understand SPF.
>
> I think SPF is good for spam score but shouldn't reject based on it
> alone.
>
>
We take the position that any domain that implements SPF with the -all
tag is telling us to reject anything purporting to come from them that
fails spf, which we do. Likewise, any domain that has enabled spf has
committed to maintain a valid spf configuration in their zone file or
we will reject their mail per the spf rules.
SPF is essentially a performance contract which the sender domain has
voluntarily entered into with their correspondents. If poor spf
configuration causes problems for them they can either fix the problem
or disable spf altogether. There is no point in us enabling a
crippled spf configuration to persist without repair. We are not doing
them or their other correspondents any favour should we do so.
Depending on the site we will often send a message to both the sender
and to the postmaster address detailing the issue that they are
having. Although empirically we see that many, many sites have no way
of receiving email addressed to postmas...@domain.tld. The humorous
thing is that often the non-delivery notice is sent from, you guessed
it, postmas...@domain.tld.
--
*** e-Mail is NOT a SECURE channel ***
Do NOT transmit sensitive data via e-Mail
Do NOT open attachments nor follow links sent by e-Mail
James B. Byrne mailto:byrn...@harte-lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
