On 10/10/11 9:00 AM, "Marc Perkel" <supp...@junkemailfilter.com> wrote:
> > > On 10/7/2011 12:50 AM, Benny Pedersen wrote: >> On 7 Oct 2011 00:28:49 -0000, John Levine wrote: >>> Nobody with any interest in delivering the mail that their users want. >>> The error rate is much, much too high. >> >> how ? >> > > All forwarded email would fail SPF testing. You would be blocking all > hosted spam filtering services for example. "then you aren't doing it right". If the hosted filtering is egress, then the address ranges of your egress filter provider should be in your SPF statement. If the hosted filtering is ingress, then the address ranges of your ingress filter provider should be in your trusted-networks, so that spf will look at the last-untrusted address for the source. Mail-lists running on sane software will change the envelope address, so there is no problem there. So, what other bizarre corner cases are you talking about that break SPF? -- Daniel J McDonald, CCIE # 2495, CISSP # 78281
