nanog mailing list archives

Re: SPF deployment by Oct. 1 ?

From: Mike Leber <mleber () he net>
Date: Tue, 27 Jul 2004 19:38:28 -0700 (PDT)



On Mon, 26 Jul 2004 Valdis.Kletnieks () vt edu wrote:

On Mon, 26 Jul 2004 11:51:26 EDT, Gerald said:

I think this will be the next best thing in E-mail. I'd love for that date
to be August 1 though.


OK... Aug 1 is a weekish away.   Check your inbound mail for today, and ask
yourself how much you'd be losing if you started enforcing SPF today, and what
percentage of the sites you get legitimate mail from are likely to deploy SPF
tags this week.....


Just checking if I have this correct:

From what I understand the fall back for SPF to use the MX record and then

the A record if that isn't found, which covers alot of the net, how much?
Does anybody have any SPF compliance measurements (exclude spam) from
their production mail servers that they can share?

Organizations that have separate outgoing mail servers from incoming mail
servers will need to define SPF records.

Mail forwarding to other domains on a per user basis (i.e. using .forward)
without updating an organizations SPF record will fail the SPF check.

The SPF check is based on the envelope sender and not the message from, so
it won't break as many mailing lists as it would first seem.

And then keep in mind that SPF is *known* to break certain types of mail
reflectors and forwarding (argue all you want about whether such things are
fundementally broken - they're still *in production use*)....


1 percent?  5 percent?  0.1 percent?

(of course this depends on all kinds of things)

Then the other question is do we have any kind of figures for how much
spam currently fails the SPF check in any known test?

Even if SPF doesn't end up blocking very much spam, if it blocked most
worms and viruses, that might be worth while.

Mike.

+----------------- H U R R I C A N E - E L E C T R I C -----------------+
| Mike Leber           Direct Internet Connections   Voice 510 580 4100 |
| Hurricane Electric     Web Hosting  Colocation       Fax 510 580 4151 |
| mleber () he net                                       http://www.he.net |
+-----------------------------------------------------------------------+

Current thread:

Re: SPF deployment by Oct. 1 ?, (continued)
- Re: SPF deployment by Oct. 1 ? Jared Mauch (Jul 24)
- Re: SPF deployment by Oct. 1 ? Joel Jaeggli (Jul 24)
  - Re: SPF deployment by Oct. 1 ? John Bittenbender (Jul 24)
- Re: SPF deployment by Oct. 1 ? Gerald (Jul 26)
  - Re: SPF deployment by Oct. 1 ? Petri Helenius (Jul 26)
  - Re: SPF deployment by Oct. 1 ? Valdis . Kletnieks (Jul 26)
    - Re: SPF deployment by Oct. 1 ? J.D. Falk (Jul 26)
    - Re: SPF deployment by Oct. 1 ? Stephen Stuart (Jul 26)
    - Re: SPF deployment by Oct. 1 ? Edward B. Dreger (Jul 26)
    - Re: SPF deployment by Oct. 1 ? Robert Blayzor (Jul 26)
    - Re: SPF deployment by Oct. 1 ? Mike Leber (Jul 27)
    - Re: SPF deployment by Oct. 1 ? Douglas Otis (Jul 27)
  - Re: SPF deployment by Oct. 1 ? J.D. Falk (Jul 26)
    - Re: SPF deployment by Oct. 1 ? Ricardo "Rick" Gonzalez (Jul 28)
- Re: SPF deployment by Oct. 1 ? James Couzens (Jul 27)
- Re: SPF deployment by Oct. 1 ? Douglas Otis (Jul 27)