On 7/11/12 3:45 PM, "Martin Gregorie" <mar...@gregorie.org> wrote:
> On Wed, 2012-07-11 at 21:34 +0200, Josef Karliak wrote: >> Good evening, >> within a few days we've spams from domains that has "+all" in the >> TXT spf record. >> > All SPF can do is check that the sender has a valid IP for that domain, > i.e. that the sender's domain wasn't forged. SPF cannot and should not > be used to flag mail as spam if the sender is a legitimate member of the > source domain. This is regardless of whether you think the mail as spam > or ham. > > FWIW I think SPF's main use is in avoiding backscatter, I think the main use is to whitelist those correspondents who use it correctly. We've placed that in our bid documents - in order to win business with us, you have to use either DKIM or SPF to validate your e-mail conversations with us, and I will either create a whitelist_from_spf or whitelist_from_dkim line for that domain. I also specify in the bid documents that the use of +ALL and ~ALL is not permitted. If you are going to send us mail and have a whitelist entry, I want to know that you know where your mail is coming from. -- Daniel J McDonald, CCIE # 2495, CISSP # 78281
