Re: Off Topic - SPF - What a Disaster

Fri, 26 Feb 2010 02:20:17 -0800 

On 25/02/2010 23:31, Marc Perkel wrote:


As someone who forwards email what I see is this.

Sender has restrictive SPF.
Recipient server enforces SPF.
Mail coming through me bounces.

Then they call me to complain and I say, I didn't bounce it. Get rid of
your SPF nd your email will be received.


In your scenario, there are two broken systems. Neither of which are SPF.
The first broken system is your user. They've applied SPF to their domain. They've set up mail forwarding from your service. Yet they still apply SPF checking against your servers? That is stupid. They've misconfigured their mail service. They should either remove SPF, get rid of the forwarding, or change the forwarding provider to one which rewrites the envelope sender.
The second broken system is your forwarding system. It's is forging the envelope sender instead of correctly rewriting it. Fix that, or continue to offer a sub-standard forwarding service. Your choice.
It's not SPF's fault that your clueless user can't receive some email. It's a combination of your broken forwarding configuration, and your clueless users misconfiguration of their email.
It's too late anyway. Your opinion is no longer relevant. SPF is absolutely here to stay. It is supported by *many* large providers, and a large proporition of ham is already using SPF.
Ideally, 100% of Ham and 100% of Spam would use SPF. You don't seem to get this though. You think SPF is only useful if 100% of Ham uses it and 0% of Spam uses it. That's a flaw in your understanding of what it's there for.
If a Spam comes from "example.com" and it's SPF protected, then you know the domain hasn't been forged, and it's safe to blacklist it. If it *isn't* SPF protected, then for all you know it has been forged and blacklisting it might cause collateral damage.
The positive aspects of *any* mail being "signed" with SPF, ham *or* spam, are so damn obvious, I don't know how you manage to mis-represent them so blatantly and so poorly. 

--
Mike Cardwell    : UK based IT Consultant, Perl developer, Linux admin
Cardwell IT Ltd. : UK Company - http://cardwellit.com/       #06920226
Technical Blog   : Tech Blog  - https://secure.grepular.com/
Spamalyser       : Spam Tool  - http://spamalyser.com/

Reply via email to