Re: Off Topic - SPF - What a Disaster

Tue, 23 Feb 2010 13:27:18 -0800 

On 2/23/10 3:38 PM, Jeff Koch wrote:
since SpamAssassin doesn't block email (and actually, the scoring for spf failures is pretty low), you must have munged something else up. 


if you tried to do pre-queue SPF blocking, yep, go to wsj, yahoo, 'send 
link to a friend' and you don't get email, its because your pre-queue 
filter messed things up.



Can't get email from important business contacts? what has that go to do 
with your clients SPF records? nothing.  maybe the SENDERS had it messed up.


you are right, if you don't know what SPF is, don't use it.


If I send email to someone and they FWD it (.forward) without proper 
forwarding, then maybe I didn't want that important email forwarded to 
hell and back.



Its all about the RFC's.  and (80%?) of the mail servers out there 
violated the RFC's (and SPF is just one of the misused RFC's).  How many 
don't even have valid FQDN's in EHLO?  try to explain to a client that 
we don't allow inbound email from 'domain.com'.  When the sender decided 
that a good internal microsoft 'domain' was domain? and the default FQDN 
on their MessServer is mail.domain.com?



or (simi) static dsl or business cable, where the provider is too stupid 
or too lazy to set up a proper RDNS (PTR record)?  or someone who's 
lawyer insists on using the freebie aol account for their business email 
address and wonders why it takes 6 hours to send a simple email to 100 
of their clients?



No, there are a lot stupider things you can do than set up SPF records.  
The best thing to do is publish them, but don't block if you have 
mismatches.


(yes, the FAQ on our web site still says don't use SPF records)

--
Michael Scheidell, CTO
Phone: 561-999-5000, x 1259
> *| *SECNAP Network Security Corporation

   * Certified SNORT Integrator
   * 2008-9 Hot Company Award Winner, World Executive Alliance
   * Five-Star Partner Program 2009, VARBusiness
   * Best Anti-Spam Product 2008, Network Products Guide
   * King of Spam Filters, SC Magazine 2008

______________________________________________________________________

This email has been scanned and certified safe by SpammerTrap(r). 
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________  






















					Reply via email to