AW: AW: SPF Configurations

["Andre Engel" <andre.engel () fhe3 com>]

John,

> -----Ursprüngliche Nachricht-----
> Von: John R. Levine [mailto:johnl () iecc com]
> Gesendet: Samstag, 5. Dezember 2009 01:54
> An: Andre Engel
> Cc: nanog () nanog org
> Betreff: Re: AW: SPF Configurations
>
> > > Right.  The only major mail system that pays attention to SPF is
> > > Hotmail, but there are enough small poorly run MTAs that use it that
> > > an SPF record which lists your outbounds and ~all (not -all) can be
> > > marginally useful to avoid bogus rejections of your mail.
> >
> > For example :
> > [ various large ISPs that publish SPF ]
>
> Perhaps this is a language problem.  In English, "publishes" is not a
> synonym for "pays attention to."  As I said, you need to publish SPF
> to get mail into Hotmail.  That's why people do it.

As I said im almost german :-)
  
Some major providers ,1&1 for example, assigned their customers the
"responsibility" to "pay attention on SPF" for getting mails into their
boxes.(decision between suspicious or not)   

> > I know there is a problem so far with forwarded emails but there is
> also a
> > solution :
> > [ hoary SRS proposal to change every SMTP server in the world to make
> them
> > match what SPF does ]
>
> Sigh.

I do not want to change every SMTP servers in the world. I just gonna show
an useful option .-)

> > Every time a mail arrives that is an SRS address the password and
> timestamp
> > could be checked, and faked or outdated recipients could be rejected.
>
> You might want to look at BATV, which has nothing to do with SPF, but
> I have found is quite useful for recognizing spam blowback.


Sure ! For instance If your are providing an mail cluster for your customer
bills, a newsletter server or a cooperated
mail cluster and you know that you are sending emails only to receivers
email boxes BATV is indeed a awesome tool.
 
But if you are performing a shared mail cluster for your webhosting or your
Dial in customers which are using for instance some special kinds of mailing
lists maybe you need a additional solution.

> From a reputation perspective Id like the idea to combine a set of anti spam
tools if it is useful.
Indeed MAAWG is not "the badest place" to learn about.


> R's,
> John
>
> PS:
>
> > This message (including any attachments) is the property of FHE3 and
> may
> > contain confidential or privileged information. Unauthorized use of
> this
> > communication is strictly prohibited and may be unlawful. If you have
> > received this communication in error, please immediately notify the
> sender
> > by reply e-mail and destroy all copies of the communication and any
> > attachments.
>
> Our policy is to send messages with confidentiality notices to all of
> your competitors.

Sure! Im here to learn *** .-)


Cheers

Andre 



 --
Andre Engel

Consulting Program Director, 
Email and Cyber Intelligence Services            "..no space left on the
device/Kein Weltraum links auf dem Gerät"


FHE3 GmbH                                        P: +49 721 869  5907
Scheffelstr. 17a                                 M: +49 160 962 44476 
76135 Karlsruhe


andre.engel () fhe3 com
http://www.fhe3.com/

Amtsgericht Mannheim, HRB 702495
Umsatzsteuer-Ident: DE254677931
Geschäftsführer: Peter Eisenhauer, Michael Feger, Dimitrij Hilt

***
This email is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE ,...