[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Possible Spam] Re: SPF failures nuke fedora-extras* msgs from redhat.com

Dnia 21-08-2006, pon o godzinie 11:40 -0400, Matthew Miller napisał(a):
> > machine claiming to send on behalf of a domain is not listed in a TXT
> > record for that domain, then it is a roque sender and therefor fake,
> > and therefor should be dropped.
> It should *not* be dropped -- it should be flagged for further inspection.
> This is the only way to make SPF compatible with the existing internet.
You're both right and wrong. You're right - SPF has to be compatible, so
the messages from non-SPF hosts should be flagged. But in case of
redhat.com we see that the sysadmin specifically wants all other email
to be dropped (-all, "fail"), not flagged (~all, "softfail"). This is
wrong of course for a domain hosting large public lists, but that's
specifically what someone entered: reject, not mark.

All this thread went to discussion about SPF usefulness and why a
program should not change behavior without any change in the
configuration. But the parent was talking about a bug when this
particular Perl module returned SPF failure for a host which was
published (maybe because it was ip4 with a prefix length?). Or was
forwarding the cause? :)


Attachment: signature.asc
Description: To jest część listu podpisana cyfrowo

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]