[Gllug] Configuring SPF to cope with secondary incoming mail servers

Alain Williams addw at phcomp.co.uk
Tue Dec 5 09:05:13 UTC 2006


On Tue, Dec 05, 2006 at 07:38:42AM +0000, Nix wrote:
> On 4 Dec 2006, Jason Clifford stated:
> > On Mon, 4 Dec 2006, Martin A. Brooks wrote:
> >> SPF is a waste of everyone's time and effort.  Ignore it, it'll go away.
> >
> > I very much disagree. It can serve a helpful purpose so long as it is 
> > clearly understood to be advisory only.
> 
> Yes: the presence of correctly-validated SPF headers is an excellent
> indicator that something is spam. (Why? Because the spammers are
> enthusiastic early adopters of things that help them get past
> spamfilters, that's why.)

There are 2 points of view on SPF:

* Me who specified a SPF record.
  It helps to prevent people using my address as the origin of spam
  This means that I don't get the spam bounces & the other nasties if
  people think that you are sending spam.
  This is why I publish a SPF record.

* Me who checks incoming mail SPF
  I agree that there is a penalty cost for it and that it doesn't trap
  a lot of spam, but me checking it helps to convince spammers to avoid
  SPF 'protected' domains in the From address ... which helps me

The main downside is simple minded mail s/ware (like at clara-net) that does
not rewrite the From address.

Overall I reckon that it is a small win.

-- 
Alain Williams
Parliament Hill Computers Ltd.
Linux Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer.
+44 (0) 787 668 0256  http://www.phcomp.co.uk/

#include <std_disclaimer.h>
-------------- next part --------------
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug


More information about the GLLUG mailing list