On Sun, Dec 06, 2020 at 02:12:25PM +0100, Hans-Martin Mosner via mailop wrote: > In your experience, where does SPF really help? What are the use cases that I > don't see in my spam-blocker tunnel vision?
In my experience: 1. You must have an SPF record in order for the big mail providers to even think about accepting your mail (softfail seems sufficient). 2. It's not worth rejecting incoming mail simply because it fails SPF. There are too many badly configured servers out there - one example I see a lot is where a company has not added their web servers to their SPF record, but they send out transactional emails such as password resets. You end up not receiving mail or trying to convince the company that they should fix their SPF record (to which the response is the same as broken TLS - "problem must be on your end as it works for us"). 3. It does seem to be worthwhile having SpamAssassin take SPF failure into account, not as an absolute rejection but a factor which indicates that the mail might be spam. -- Paul Waring Freelance PHP developer https://www.phpdeveloper.org.uk _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
