Jason Bertoch wrote: > I think it's safe to say I'm not in the minority when I receive SPF-Compliant > spam. I'm looking for opinions on what we can honestly derive from such > messages regarding the sending server's IP and the sending address' domain > name. > Is it wise to blacklist both, or is this yet another case where SPF has failed > to meet projections?
SPF is supposed to help mitigate forgeries, not spam. It identifies servers that are allowed to send for a domain, but does not have anything to do with content. You can't derive anything from such messages, except the certainty that your spam is not forged.
