[Dovecot] spf record

Dean Brooks dean at iglou.com
Wed Nov 28 20:02:30 EET 2007


On Wed, Nov 28, 2007 at 11:45:29AM -0600, Rick Romero wrote:
> >>One thing that bugs me is why we must now implement domainkeys on top
> >>of SPF.  SPF pretty much does everything domainkeys does but simpler.
> >
> >Because SPF is a broken hack that doesn't properly accomodate the
> >forwarding of email without the use of other complicating hacks
> >such as SRS which mangle the sender address.
> >
> >SPF should have been scrapped years ago.  Instead, most large
> >organizations use "?all" in their SPF entry (typically because of the
> >forwarding problem), putting SPF in advisory mode which negates the
> >whole purpose of having it anyway.
> 
> I disagree.
> The only way you should be using SPF on the receiving end is as an  
> additional weight for spam scoring.

Well, perhaps, but that's not how it was originally designed to be used. 
I don't disagree that it has devolved into just another spam scoring
device though.

It's not even a very good one, since you can't easily determine if a
message is simply being forwarded.  As such, the score modifiers
tend to be low.

--
Dean Brooks
dean at iglou.com


More information about the dovecot mailing list