[Possible Spam] Re: SPF failures nuke fedora-extras* msgs from redhat.com
Leszek Matok
Lam at Lam.pl
Fri Aug 25 00:01:10 UTC 2006
Dnia 21-08-2006, pon o godzinie 11:40 -0400, Matthew Miller napisał(a):
> > machine claiming to send on behalf of a domain is not listed in a TXT
> > record for that domain, then it is a roque sender and therefor fake,
> > and therefor should be dropped.
> It should *not* be dropped -- it should be flagged for further inspection.
> This is the only way to make SPF compatible with the existing internet.
You're both right and wrong. You're right - SPF has to be compatible, so
the messages from non-SPF hosts should be flagged. But in case of
redhat.com we see that the sysadmin specifically wants all other email
to be dropped (-all, "fail"), not flagged (~all, "softfail"). This is
wrong of course for a domain hosting large public lists, but that's
specifically what someone entered: reject, not mark.
All this thread went to discussion about SPF usefulness and why a
program should not change behavior without any change in the
configuration. But the parent was talking about a bug when this
particular Perl module returned SPF failure for a host which was
published (maybe because it was ip4 with a prefix length?). Or was
forwarding the cause? :)
Lam
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: To jest cz??? listu podpisana cyfrowo
URL: <http://listman.redhat.com/archives/fedora-extras-list/attachments/20060825/40b4435a/attachment.sig>
More information about the fedora-extras-list
mailing list