[Mimedefang] Integrating SPF...

Alan Premselaar alien at 12inch.com
Tue Mar 29 23:55:47 EST 2005


John Von Essen wrote:
[snip]

> I am looking into SPF plugin for SA now. Does anyone know how it handles 
> domains with no SPF record? I would assume that if no SPF exists, then 
> forgeries are not penalized for that domain. Just need to make sure 
> before I turn this plugin "ON" in production.
> 

basically SA handles SPF in the following way (from my experience):

if SPF is non existant, no SPF rules fire
if SPF is existant and softfails, an SPF_SOFTFAIL rule fires with very 
few points
if SPF is existant and hardfails, an SPF_HARDFAIL rule fires with 
slightly more points
if SPF is existant and passes, an SPF_PASS rule fires with fairly low 
negative points

overall, the SPF scoring is low enough to have *very minimal* impact and 
is not designed to be used for rejection based on SPF.

> One other thing (feel free to email me off list), what is the difference 
> between Sender ID and using SPF records? Or are they the same thing.... 
> I like SPF, I like the fact that you control it within your own domain 
> via your DNS server. When I hear Microsoft talk about Sender ID I get 
> nervous, I envision some type of paid subscription to be listed on some 
> central repository that Microsoft controls!

I haven't been following the progress of Sender ID, so I can't offer you 
any information about it. sorry.


HTH

alan



More information about the MIMEDefang mailing list