Re: [Nolug] objections to SPF?

From: scotth_at_scottharney.com
Date: Tue, 06 Apr 2004 11:55:23 -0500
Message-ID: <87y8p9t5ac.fsf@minorthreat.local.lan>

Joey Kelly <joey@joeykelly.net> writes:

> Y'all,
>
> I'm considering setting up SPF (http://spf.pobox.com, http://www.ietf.org/
> internet-drafts/draft-mengwong-spf-00.txt) on my mail server, as a means to
> further combat spam and forged virus bounces.

I've been thinking about doing the same thing myself.

>
> Here's the downside: my server will check SPF records on the mail you send to
> it. This might cause problems for you, if your ISP publishes or decides to
> publish SPF records for their domain, and you send mail from some other SMTP
> server. If this happens, your mail won't be accepted by my server, and your
> posts to this list won't make it through.

To make an omelette, ya gotta break some eggs. I'd say implement gently
with marking messages only and see what percentage of SPF reject you
_would_ get. And make sure you have a bounce email with a URL
that will tell rejected senders how to handle it.

> By the way, if you're running SpamAssassin, the next version of it (2.7, I
> believe) will be able to do SPF checks. I don't know if this will be on or
> off by default, though.
>
> Thoughts?
>
> BTW, I also run lists for newbies, who aren't going to be able to understand
> any of this, nor how to deal with mail that doesn't arrive where they send
> it.

-- 
Scott Harney<scotth@scottharney.com>
"Asking the wrong questions is the leading cause of wrong answers"
gpg key fingerprint=7125 0BD3 8EC4 08D7 321D CEE9 F024 7DA6 0BC7 94E5
___________________
Nolug mailing list
nolug@nolug.org
Received on 04/06/04

This archive was generated by hypermail 2.2.0 : 12/19/08 EST