[Mimedefang] SPF

[Matthew S. Cramer]

On Thu, Nov 02, 2006 at 12:34:59PM -0500, David F. Skoll wrote:
> Hi,
> 
> After much consideration, I have removed the SPF record for
> roaringpenguin.com.
> 
> SPF was supposed to help prevent "blow-back" from joe-jobs.  (It
> was never designed to stop spam, of course, but I *was* hopeful that
> it would reduce annoying bounces caused by spam faked to come from
> our domain.)
> 
> Alas, SPF has not lived up to its promise, and it has caused some
> problems for us (we have salespeople working on the road who send mail
> through their ISP's servers.)
> 
> So, so long, SPF.  Too bad you weren't useful.

We're still using a hard record so that Corporate can control where
all mail for our domains originates.  We have a policy requiring all
email sent from our domains to go through Corp's smtp gateways - and a
hard SPF record helps us enforce it.

Of course we only notice when someone complains about a "problem"
of a bounced mail (from a recipient who honors SPF) originating from
their rogue SMTP server.  But it has caught a few rogue servers and
Internet access points backdoored into some sales offices and
manufacturing sites.

For avoiding blow-backs from joe jobs, I reject any mail from <>,
postmaster, etc. that doesn't match a regex indicating there's a
quoted Received line with a legit smtp server's address.

Occasionally someone's stupid mail server sends DSNs with something
non-standard as a sender, but it is pretty infrequent.


Matt

-- 
Matthew S. Cramer <mscramer at armstrong.com>          Office: 717-396-5032
Project Manager, Planning and Service Management    Fax:    717-396-5590
Armstrong World Industries, Inc.                    Cell:   717-917-7099