Mailing List Archive

Strong SPF assertions
Ag Interactive/American Greetings is publishing an SPF record that
ends in -all for the following domains:

americangreetings.com
msn.americangreetings.com
yahoo.americangreetings.com
bluemountain.com
egreetings.com

Does anyone on the list know of other major website domains or brands
that are using -all at the end of their SPF records?

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription: http://v2.listbox.com/member/?member_id=1311532&id_secret=91656149-d4659d
Powered by Listbox: http://www.listbox.com
Re: Strong SPF assertions
Dotzero wrote:

> Does anyone on the list know of other major website domains
> or brands that are using -all at the end of their SPF records?

un.org gmx.net

For many more examples see <http://spf-all.com/>

Frank

Re: Strong SPF assertions
Ian Eiloart wrote:

> An SPF pass for a trusted domain can be used to avoid spam
> filtering, so even these records are worth checking for

Yes. For an untrusted PASS you could "accept, later check
and bounce if necessary", after all PASS can't hit innocent
bystanders - the +all PASS weirdo bell.ca isn't innocent ;-)

> I'd guess that there must be more than 10% out there if 4%
> actually use -all.

For Alexa's definition of relevant domains it's roughly 40%:
http://utility.nokia.net/~lars/meter/spf.html

Frank

Re: Re: Strong SPF assertions
--On 31 January 2008 11:34:35 +0100 Frank Ellermann
<nobody@xyzzy.claranet.de> wrote:

> Ian Eiloart wrote:
>
>> An SPF pass for a trusted domain can be used to avoid spam
>> filtering, so even these records are worth checking for
>
> Yes. For an untrusted PASS you could "accept, later check
> and bounce if necessary", after all PASS can't hit innocent
> bystanders - the +all PASS weirdo bell.ca isn't innocent ;-)

I guess you wouldn't bounce when you matched +all. And, you needn't send a
vacation message, either.

>> I'd guess that there must be more than 10% out there if 4%
>> actually use -all.
>
> For Alexa's definition of relevant domains it's roughly 40%:
> http://utility.nokia.net/~lars/meter/spf.html
>

That's good.

> Frank



--
Ian Eiloart
IT Services, University of Sussex
x3148

Re: Strong SPF assertions
Ian Eiloart wrote:

> I guess you wouldn't bounce when you matched +all.

I would, PASS is PASS, accepting PASS "on probation"
is fine. A feature of SPF.

> And, you needn't send a vacation message, either.

I've never done it, but an SPF PASS would allow it.

In theory folks can do C/R after SPF PASS. If all
mails were either PASS or FAIL adding C/R to PASS
could for a change actually work. Of course the
premise "if all mails" will never be true, so far
for that "FUSSP" ;-)

>> For Alexa's definition of relevant domains it's roughly
>> 40%: http://utility.nokia.net/~lars/meter/spf.html

> That's good.

+1 With 4% FAIL of the "tested" domains and 40% SPF
of the "relevant" domains it's roughly one out of ten
domains using SPF that has also -all. Not too shabby.

Frank
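
An added example, not part of any poster's message: it classifies how strongly an SPF record asserts its policy (the `-all` question that opens the thread) and maps an SPF result to the receiver handling discussed above, where only PASS makes a later bounce, vacation note or C/R safe. The sample records, domain names and the `receiver_action` policy are constructed assumptions; no DNS lookups are made.

```python
# Added example: constructed SPF records, parsed offline (no DNS lookups).
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

SAMPLE_RECORDS = {  # constructed for illustration, not real published policies
    "strict.example": "v=spf1 ip4:192.0.2.0/24 mx -all",
    "soft.example": "v=spf1 include:_spf.example.net ~all",
    "open.example": "v=spf1 +all",
    "delegated.example": "v=spf1 redirect=_spf.example.org",
    "silent.example": "v=spf1 a mx",
}

def all_result(record):
    """Result given to senders that match no earlier mechanism: the `all`
    qualifier, 'redirect' if policy is delegated, else the default 'neutral'.
    Returns None when the text is not an SPF version 1 record."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return None
    redirect = False
    for term in terms[1:]:
        low = term.lower()
        if low.startswith("redirect="):
            redirect = True
            continue
        qualifier = "+"  # a mechanism without a qualifier means pass
        if low[0] in QUALIFIERS:
            qualifier, low = low[0], low[1:]
        if low == "all":
            # `all` always matches, so later terms and redirect= are unused.
            return QUALIFIERS[qualifier]
    return "redirect" if redirect else "neutral"

def receiver_action(spf_result):
    """Assumed receiver policy following the thread: reject FAIL at SMTP time;
    only PASS makes a later bounce, vacation note or C/R safe to send."""
    if spf_result == "fail":
        return "reject"
    if spf_result == "pass":
        return "accept, auto-reply allowed"
    return "accept, no auto-reply"

def strict_share(records):
    """Fraction of valid SPF records that end in -all."""
    results = [r for r in map(all_result, records.values()) if r is not None]
    return sum(r == "fail" for r in results) / len(results)

if __name__ == "__main__":
    for domain, rec in SAMPLE_RECORDS.items():
        print(domain, all_result(rec))
```

A record that delegates with `redirect=` has to be resolved at its target before its strictness is known, so the classifier reports it separately instead of guessing.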

Re: Re: Strong SPF assertions
At 08:11 PM 1/31/2008 +0100, Frank Ellermann wrote:

>>> For Alexa's definition of relevant domains it's roughly
>>> 40%: http://utility.nokia.net/~lars/meter/spf.html
>
>> That's good.

Looks like the definition of "relevant domains" is those having a webserver. Seems to me that is unrelated to email.

>+1 With 4% FAIL of the "tested" domains and 40% SPF
>of the "relevant" domains it's roughly one out of ten
>domains using SPF that has also -all. Not too shabby.

Still far from what we need to block forgeries. I would like to set a policy on my Receiver of "either PASS some form of IP authentication, or read my REJECT". For me, that would require about 99% compliance. Only then would I feel confident in blocking the 1% legitimate but ignorant.

-- Dave

Re: Re: Strong SPF assertions
--On 31 January 2008 20:11:01 +0100 Frank Ellermann
<nobody@xyzzy.claranet.de> wrote:

> Ian Eiloart wrote:
>
>> I guess you wouldn't bounce when you matched +all.
>
> I would, PASS is PASS, accepting PASS "on probation"
> is fine. A feature of SPF.

OH, OK. Either they've got a good reason for wanting the backscatter, or
the more they get the more likely they are to deploy a more informative
policy - perhaps. Yes, I buy that.


>> And, you needn't send a vacation message, either.
>
> I've never done it, but an SPF PASS would allow it.
>
> In theory folks can do C/R after SPF PASS. If all
> mails were either PASS or FAIL adding C/R to PASS
> could for a change actually work. Of course the
> premise "if all mails" will never be true, so far
> for that "FUSSP" ;-)
>
>>> For Alexa's definition of relevant domains it's roughly
>>> 40%: http://utility.nokia.net/~lars/meter/spf.html
>
>> That's good.
>
> +1 With 4% FAIL of the "tested" domains and 40% SPF
> of the "relevant" domains it's roughly one out of ten
> domains using SPF that has also -all. Not too shabby.
>
> Frank



--
Ian Eiloart
IT Services, University of Sussex
x3148
