You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Mathias Homann <ad...@eregion.de> on 2006/03/17 00:25:27 UTC
on the value of SPF records (was: Re: Importance of SMTP gateway reverse lookup domain?)
Am Donnerstag, 16. März 2006 23:46 schrieb Michael Monnerie:
> On Donnerstag, 16. März 2006 17:15 Stewart, John wrote:
> > Aye; thanks. Unfortunately, our current external DNS server
> > doesn't yet support SPF records. =(
let me rant a bit about SPF records.
Background info: my day job is fondling the servers at
$WESELLSTUFFOVERTHEINTERNET. We have a newsletter for customers and
other interested folks, its all pretty serious, double opt-in and
such; the actual sending of the newsletters is done by
$SOMEOTHERCOMPANY though.
One day, i get a ticket in our ticket system, which sums up as "we
need to have spf records, and we need them now, because that guy at
$SOMEOTHERCOMPANY says so, so that our newsletter is less likely to
get flagged as spam."
When you think about it, it even makes sense. So i wrestle the various
external DNS servers that serve our umpzillion of domain names (the
marketing dude seems to think that more domains is better...) into
accepting those TXT records.
(time passes)
One day, spamassassin seems to think that this newsletter, send to my
private email, is spam. This leads to me running it through
spamassassin in debug mode... and what do I see...
The guy at $SOMEOTHERCOMPANY has set up SPF records for their systems
as well... and has NOT included the server that gets fed the
newsletter...
So much for that.
bye,
MH
yes, i DO know that this list is NOT the scary evil monastery. but it
fits into the discussion... sort of...
--
gpg key fingerprint: 5F64 4C92 9B77 DE37 D184 C5F9 B013 44E7 27BD
763C
Re: on the value of SPF records (was: Re: Importance of SMTP gateway reverse lookup domain?)
Posted by Michael Monnerie <m....@zmi.at>.
On Freitag, 17. März 2006 00:25 Mathias Homann wrote:
> One day, i get a ticket in our ticket system, which sums up as "we
> need to have spf records, and we need them now, because that guy at
> $SOMEOTHERCOMPANY says so, so that our newsletter is less likely to
> get flagged as spam."
>
> When you think about it, it even makes sense.
SPF is not intended to be a flag of whether or not a mail is SPAM. Any
spammer can setup SPF records. SPF can only assure that the owner of
the domain can control which SMTP are allowed to send mail for that
domain. Nothing more. And if there is no SPF for a domain, that doesn't
means it's likely SPAM - and if there are SPF records, it doesn't mean
it's HAM.
> One day, spamassassin seems to think that this newsletter, send to my
> private email, is spam. This leads to me running it through
> spamassassin in debug mode... and what do I see...
> The guy at $SOMEOTHERCOMPANY has set up SPF records for their systems
> as well... and has NOT included the server that gets fed the
> newsletter...
I had the same problem with a customer. Easy to solve, just another
entry into the SPF record.
SPF has its edges. Especially for e-mail forwarding it's a PITA. I have
some accounts doing that, needing not just a redirect but a resend. But
after all, SPF helps prevent forged senders - IF the recipient checks
SPF records. There are still too many servers not doing that.
mfg zmi
--
// Michael Monnerie, Ing.BSc --- it-management Michael Monnerie
// http://zmi.at Tel: 0660/4156531 Linux 2.6.11
// PGP Key: "lynx -source http://zmi.at/zmi2.asc | gpg --import"
// Fingerprint: EB93 ED8A 1DCD BB6C F952 F7F4 3911 B933 7054 5879
// Keyserver: www.keyserver.net Key-ID: 0x70545879
Re: on the value of SPF records (was: Re: Importance of SMTP gateway reverse lookup domain?)
Posted by jdow <jd...@earthlink.net>.
From: "Mathias Homann" <ad...@eregion.de>
...
> bye,
> MH
>
> yes, i DO know that this list is NOT the scary evil monastery. but it
> fits into the discussion... sort of...
Um, er, <shuffle feet>, <look around embarrassed>, aren't monasteries
for "boys"? I better get outa here FAST before someone notices.
---->>>>> {o.o} Joanne heads THATAWAY>>>>>>
Re: on the value of SPF records
Posted by Kelson <ke...@speed.net>.
Mathias Homann wrote:
> One day, spamassassin seems to think that this newsletter, send to my
> private email, is spam. This leads to me running it through
> spamassassin in debug mode... and what do I see...
> The guy at $SOMEOTHERCOMPANY has set up SPF records for their systems
> as well... and has NOT included the server that gets fed the
> newsletter...
>
> So much for that.
OK, so $SOMEOTHERCOMPANY misconfigured their systems, and it didn't work
as expected. What, exactly, does this imply about the value of SPF records?
--
Kelson Vibber
SpeedGate Communications <www.speed.net>