[Dovecot] spf record
Dean Brooks
dean at iglou.com
Wed Nov 28 20:02:30 EET 2007
On Wed, Nov 28, 2007 at 11:45:29AM -0600, Rick Romero wrote:
> >>One thing that bugs me is why we must now implement domainkeys on top
> >>of SPF. SPF pretty much does everything domainkeys does but simpler.
> >
> >Because SPF is a broken hack that doesn't properly accomodate the
> >forwarding of email without the use of other complicating hacks
> >such as SRS which mangle the sender address.
> >
> >SPF should have been scrapped years ago. Instead, most large
> >organizations use "?all" in their SPF entry (typically because of the
> >forwarding problem), putting SPF in advisory mode which negates the
> >whole purpose of having it anyway.
>
> I disagree.
> The only way you should be using SPF on the receiving end is as an
> additional weight for spam scoring.
Well, perhaps, but that's not how it was originally designed to be used.
I don't disagree that it has devolved into just another spam scoring
device though.
It's not even a very good one, since you can't easily determine if a
message is simply being forwarded. As such, the score modifiers
tend to be low.
--
Dean Brooks
dean at iglou.com
More information about the dovecot
mailing list