On 11/11/2010 5:07 PM, Rob McEwen wrote:
On 11/11/2010 7:41 PM, Noel Butler wrote:
Really? I don't use SPF in SA, only MTA, if that's the case, it is a
shame that SA also is behind the times. It was years ago SPF type was
ratified. Justin: Any plans to change that?
I guess I'm one of those mail admins who is behind the times. But I
don't really care that much because I take the same position as Suresh
Ramasubramanian... that SPF is a failed technology because, for one, it
breaks e-mail forwarding and there are ALWAYS too many legit e-mail
forwarding situations (and legit substitutionary "from" situations--like
sending from one's phone) to create problems in comparison to the
problems that SPF solves.
The ONLY exception is when enduring a severe "Joe Job" attack. In THAT
situation, a strong SPF record will disrupt much of the spammer's
messages, and cause them to switch to OTHER forged "from" addresses. In
that situation, SPF is your friend. Otherwise, it is more trouble than
its worth, imo.
Because many feel this way, I suspect that this may be the reason why
the lastest and greatest SPF support probably wasn' a huge priority for SA?
I agree. The only thing I've found useful about SPF is for whitelisting
purposes where is the SPF is positive AND the domain is in my list of
whitelisted domains then I just pass it. SPF does break email forwarding.
Generally I have found that having wildcard email accounts is one of the
things that cause spammers to spoof your domain. If you have a finite
number of working addresses then they are less likely to use your domain.
--
Marc Perkel - Sales/Support
supp...@junkemailfilter.com
http://www.junkemailfilter.com
Junk Email Filter dot com
415-992-3400
