On Thu, 2012-07-12 at 12:17 -0700, John Hardin wrote: > On Thu, 12 Jul 2012, Martin Gregorie wrote: > > > I'd suggest that any SPF record containing '+all' and possibly '?all' > > too, should trigger an SPF_PERMISSIVE rule rather than SPF_PASS so we > > can distinguish an authorised server in a tightly controlled domain from > > servers claiming to be part of a domain that doesn't give a damn. > > ...which is pretty much where we started. :) > True enough. I just wanted to provide a concrete example of extra stuff the plug-in could do and why that could be useful. It hadn't occurred to me until just now that SPF_PASS can be triggered by slovenly and/or careless SPF configurations as well as by careful set-ups and that this fact prevents you assigning any spam-related value to an SPF_PASS indication and reinforces my argument about SPF being useful against backscatter and not much else.
Martin