"Jason Bertoch" <[EMAIL PROTECTED]> writes: > I think it's safe to say I'm not in the minority when I receive SPF-Compliant > spam. I'm looking for opinions on what we can honestly derive from such > messages regarding the sending server's IP and the sending address' domain > name. > Is it wise to blacklist both, or is this yet another case where SPF has failed > to meet projections?
If we are receiving SPF-Compliant spam, the rather than indicating that it is failing, this indicates that SPF is working as designed. It means that the spammer is not forging the envelope domain, Despite common misconceptions, SPF was never designed as a spam indicator or even an anti-spam tool - it is an anti-forgery tool.
