On 10/7/2011 1:12 AM, Robert Schetterer wrote:
in my eyes the whole idea of spf was broken from beginning but do what you want, no need for flame in my real world it makes more problems then helping in antispam i removed spf checks from my servers, in spamd its used with nearly no points there are better more effective ways to reject unwanted mails but youre free, do it like you want, analyse your logs then you will see, if it helps at your side everbody has its own spam, there are less universal recommands, antispam is daily work in analyse and reaction
The trick with SPF is to stop using it for rejecting mail, it doesn't do a good job at that. It's not really a spam-fighting technique at all, as much as an identification technique. What you do with that identification is where it gets interesting; what it does do well is allow you to whitelist known-good (or at least wanted) senders, allowing you to exempt mail you know you want from expensive content filtering.
PayPay is a good example, love 'em or hate 'em, there's no point running mail from PayPal through any sort of content based spam filtering, and SPF can tell you that a message claiming to be from PayPal really is from PayPal (but it can't reliably tell you that a message *isn't* from PayPal, due to forwarding, possible DNS problems, possible SPF configuration errors, etc)
-- Dave Warren, CEO Hire A Hit Consulting Services http://ca.linkedin.com/in/davejwarren