There is some potential with this as a negative weight test, however once the spammers catch on, the value would be diminished greatly, and of course legit mail servers are sources of spam, just not as often as the illegitimate ones, and I don't see the need to credit senders based only on the fact that they matched their SPF records. ... Considering these issues, I don't see why I should push something forward with such a flaw.
One other thing that I forgot about here is that you can do some creative things with SPF, such as:
v=spf1 +mx -exists:%{ir4}.bl.spamcop.net ?all
which would still give a PASS for users using your mailserver and an UNKNOWN for your roaming users, but also would give a FAIL to people listed in SPAMCOP. Another interesting technique someone is already using something like is:
v=spf1 +mx -exists:%{ir4}.test.example.com +all
With this, the DNS server for test.example.com is running software that allows this first X hits per day, and none after that. It could also have extra logic, such as denying E-mail from certain return addresses (or perhaps only allowing E-mail from addresses of users who may be "on the road").
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers.
Declude Virus: Catches known viruses and is the leader in mailserver vulnerability detection.
Find out what you've been missing: Ask about our free 30-day evaluation.
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
--- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
