Martin Gregorie wrote:
On Wed, 2009-02-11 at 19:29 +0000, Ned Slider wrote:
SPF will only help if other people's mail servers deploy and bounce
mail on failed SPF, but as I asserted in an earlier post to this
thread, how much faith do you place in a mail admin deploying SPF
_AND_ bouncing messages on SPF failure when they can't even address
the issue that their servers are responsible for the backscatter
problem by accepting mail for non-existent addresses and then sending
DSNs to a forged address.
AFAIK a lot of current MTA versions will use SPF checks out of the box.
This means that even a numpty-administered MTA will do SPF checks before
sending rejections.
Not that I'm aware of. Sendmail doesn't, Postfix doesn't. One can
implement SPF with an add on plugin or milter if one so chooses but the
feature does not even exist in those MTAs let alone enabled by default.
That certainly seems to be the case for Postfix: its manual says its
default is to silently drop backscatter for unknown local users and I
haven't seen any of that or any for valid users for a very long time.
No, the Postfix manual says that it defaults to reject ALL mail for
unknown local recipients, period. This has nothing to do with SPF,
backscatter or anything else, it's just the correct way to do things. It
also prevents that server contributing to the backscatter problem. If
every server used Postfix in it's default configuration then backscatter
wouldn't exist.
