On 11/15/10 10:48 AM, Rob McEwen wrote:
...I'm sure there are others I haven't thought about!
All addressed by the standards. Yes, we advise our clients that SPF
PUBLISHING and CHECKING are two different things, and for two different
reasons.
We tell them that if they use the '-all' tag, and their C level people
use certain (BROKEN, NON RFC COMPLIANT) social network, 'email this to a
friend' web sites, or BROKEN FORWARDERS that are NON compliant, they
will see problems.
(one of our security mailing lists, we see people using .forward's or
broken forwards. and since we publish a -all, we are in effect saying
'if you can't figure out how to forward this email, then don't)
As for CHECKING, we NEVER recommend MTA checking or pre-queue blocking
based on SPF records. SA testing of the correlation between SPAM and
SPF records seems to indicate that you are just as likely to receive a
SPAM from a VALID SPF_PASS as well as a SOFTFAIL.
So, SPF works, if EVERYONE FOLLOWS THE RFC'S AND BEST PRACTICES. Where
it fails is when the sender or receiver doesn't follow the RFC's.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
ISN: 1259*1300
>*| *SECNAP Network Security Corporation
* Certified SNORT Integrator
* 2008-9 Hot Company Award Winner, World Executive Alliance
* Five-Star Partner Program 2009, VARBusiness
* Best in Email Security,2010: Network Products Guide
* King of Spam Filters, SC Magazine 2008
______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________
