> -----Original Message-----
> From: owner-spf-help@v2.listbox.com
> [mailto:owner-spf-help@v2.listbox.com]On Behalf Of Bryan Phinney
> Sent: Tuesday, August 24, 2004 8:13 AM
> To: spf-help@v2.listbox.com
> Subject: Re: [spf-help] SPF, Postfix and smarthosting
>
>
> On Monday 23 August 2004 12:23 pm, spf@kitterman.com wrote:
>
> > As a current beneficiary (or victim) of large numbers of from bounces due
> > to spammers, let me say that I do NOT appreciate them.
>
> First of all, I don't physically mail out bounces, I simply reject. My
> assumption is that the relaying server sends a notification or bounce based
> on the REJECT result. Since there are only one or two messages currently
> arriving that are invalid based on SPF, I would prefer to REJECT with a
> standard 55* code and let the server do what it wants with the result. If
> that is not possible, I will just bitbucket them. At some point, I hope that
> my relay mail server will start to reject based on SPF, and then this won't
> be an issue at all.

As I understand it, to reject during the actual SMTP session is not a
problem since you are communicating with the actual SMTP server that is
sending the message. If it's a spammer/zombie, I am very unlikely to ever
see a reject message because of that.

However, when you reject to your upstream SMTP server (which is not the one
that sent the message), where do they send the reject? I believe I'll get
that one.
>
> If you had sent a legitimate message to my domain and misaddressed the
> recipient, I assume you would want a bounce to let you know that the message
> did not go through. I could be wrong, perhaps you would just prefer to
> contact the person by telephone to confirm that they had gotten the message.
> Either way, you get a bounce, either from the originating server telling you
> the message was REJECTed, or from the relay server telling you the exact same
> thing.

Yes, of course. Perhaps I wasn't clear. I meant that if you accept a
message and then bounce it because of an SPF fail, then that means that you
will be guaranteed to be sending me a bounce for a message I didn't send.
The only exception to that would be if I had a misconfigured SPF record. In
that case, the first time I send to an SMTP server doing SPF checking during
the SMTP session, I'll get the reject since I sent it. Since you are
downstream in the process, the only way that you can inform me of a problem
in my SPF record is to also tell me every time you get a forgery. Please
don't. I get plenty of those every day.
>
> I could be wrong but I think that those are pretty standard for any large mail
> gateway that must relay mail through to smaller individual mail servers.
> Regardless of that, my personal domain is just that, a personal one that
> serves a very small number of persons. Spam is a very minor problem and the
> number of rejections that get sent are very small, amounting to 2-3 per week.
> Trust me, my server is not possibly a major concern to you or anyone else in
> any way. AOL, perhaps, Hotmail, Yahoo, certainly not me.

No, your domain specifically isn't a concern, my comment was more intended
for people reading the list (and the archives) to try and figure out how to
run SPF. One domain doing it the way you suggest isn't an issue. If
everyone did it that way, then it would defeat one of the major benefits of
SPF for the domain owner.
>
> > If you want to do something with the data from SPF fail messages, don't
> > send me a bounce in the hopes that I will invest my time in reporting it to
> > someone. I won't. Invest your time in reporting the messages to your
> > favorite IP based DNSBL. BTW, Spamcop (my personal favorite) will not take
> > reports based on bounces. You got the spam, it's you who have to report
> > it.
>
> Since I can not reject messages based on SPF, you won't be getting any bounces
> from me. However, if you think that reporting to DNSBL's are the answer, you
> might want to check your own IP to see the result:
>
> http://www.dnsstuff.com/tools/ip4r.ch?ip=
>
> Your IP is listed in Spews at level 1, SORBS, SPAMBAG and a few others. I
> wouldn't think that someone whose IP is listed in several DNSBL's would be a
> fan of black lists but I could be wrong. However, given the level of
> listings on your IP, I wouldn't think that bounces from spammers forging the
> From would be your biggest problem.
>
That would be interesting except that the IP address that you listed is the
address of my cable modem. Not the address of the SMTP server I've sent the
message from.

Yes, I've looked. All those listings are either because the IP is near an
IP that spammed or because it's a dynamic IP. If I was planning on running
my own MTA, I would be worried. Since I'm not, it really doesn't matter.

BTW, you were the one who suggested that I'd like to get the bounce so I
could report it under CAN-SPAM. DNSBLs aren't perfect (I wouldn't even say
they are good, just better than the alternatives), but the notion that
CAN-SPAM is going to affect anything is a bit odd. As a domain owner that
does not provide e-mail services to anyone, I do not believe that I even
have standing under CAN-SPAM to make a complaint.

So, to bring this back on topic, just a little, as a domain owner, SPF is a
good vehicle for me to protect my reputation once RHSBLs get going and
(hopefully) to cut down on the blow back from forgers a bit in the mean
time.
Scott Kitterman
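
The bounce paths argued over in this message, as an added example that is not part of the original email: a small Python model of who ends up mailing a bounce to the envelope sender when an SPF fail is rejected in-session at the border, rejected by a downstream server to its upstream relay, or accepted and then bounced. Host names and addresses are constructed, and the SPF result is taken as an input rather than evaluated.

```python
from dataclasses import dataclass

@dataclass
class Hop:
    name: str
    generates_dsn: bool = True         # a real MTA queues mail and mails a bounce on 5xx
    reject_in_session: bool = False    # answers an SPF fail with 5xx before accepting
    bounce_after_accept: bool = False  # answers 250, then mails a bounce itself

def dsns(path, envelope_from, spf_fail):
    """Return [(generating_host, dsn_recipient)] for one message walked along path.

    path[0] originates the SMTP transaction; each later hop receives from the
    one before it. Bounces always go to the envelope sender (MAIL FROM).
    """
    if not spf_fail:
        return []
    for sender, receiver in zip(path, path[1:]):
        if receiver.reject_in_session:
            # The 5xx lands on whoever is connected right now. Only a real MTA
            # turns that into mail; a zombie just drops the connection.
            return [(sender.name, envelope_from)] if sender.generates_dsn else []
        if receiver.bounce_after_accept:
            return [(receiver.name, envelope_from)]
    return []

def backscatter(path, envelope_from, real_author, spf_fail=True):
    """DSNs delivered to an address that did not write the message."""
    return [d for d in dsns(path, envelope_from, spf_fail) if d[1] != real_author]

# Constructed sample data (assumptions, not taken from the thread).
VICTIM = "owner@victim.example"     # address forged into MAIL FROM
SPAMMER = "spammer@zombie.example"  # actual author of the forged message
zombie = Hop("zombie", generates_dsn=False)
relay = Hop("upstream-relay")       # smarthost in front of the inner server, no SPF check

SCENARIOS = {
    "border rejects in session": [zombie, Hop("border", reject_in_session=True)],
    "downstream rejects to relay": [zombie, relay, Hop("inner", reject_in_session=True)],
    "accept then bounce": [zombie, Hop("border", bounce_after_accept=True)],
}

def run():
    return {name: backscatter(path, VICTIM, SPAMMER) for name, path in SCENARIOS.items()}

if __name__ == "__main__":
    for name, hits in run().items():
        print(f"{name:28} -> {hits or 'no bounce reaches the forged address'}")
```
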