On 06/12/2020 13:12, Hans-Martin Mosner via mailop wrote:
In your experience, where does SPF really help? What are the use cases that I don't see in my spam-blocker tunnel vision?
One thing we still encounter occasionally is where a spammer has decided to send email from one of our customers' domains (not by hacking their mail server, just by forging the return path). In this case, our customer get loads of backscatter, and autoresponses, etc.
Adding SPF tends to cut down on the backscatter as, presumably, some of the spammers' targets will not send failure messages back if the SPF fails, and some reject the junk outright. Also, spammers seem to stop using their domain and switch to another one without SPF. (We can support BATV as well, but that can break in some situations)
This used to happen a LOT more in the past, but it still happens today occasionally.
So, I'd suggest having at least a 'soft fail' SPF record for your own domain. If a spammer is in the habit of trying to piggy-back off other companies' domain reputations, then it seems to encourage them to look elsewhere.
For incoming mail: personally, if it was for a personal mail server, or I was in charge of a company's mail server, I wouldn't have a problem blocking on an SPF hard fail. If the mail system was used for customers, then I wouldn't do that, as the support hassle would be too great.
Using SPF as another factor in a more comprehensive spam filtering system is reasonable. In my experience, more SPF fails are bad than are false positives. But SPF is not an anti-spam mechanism at all, so 'false negatives' are actually very rare (those would be where a domain holder has an SPF that authorises IP addresses that it shouldn't do and which do send forged mails)
-- Paul Paul Smith Computer Services supp...@pscs.co.uk - 01484 855800 -- Paul Smith Computer Services Tel: 01484 855800 Vat No: GB 685 6987 53 Sign up for news & updates at http://www.pscs.co.uk/go/subscribe _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
