[Mimedefang] SPF

Rich West Rich.West at wesmo.com
Sun Nov 5 17:20:49 EST 2006


David F. Skoll wrote:
> Apparently, an e-mail someone sent from within our network (ie, it
> had an SPF "pass") was bounced by a broken server because of SPF.  That
> was the final straw.

I know this is now off-topic from the list, and I don't mean to rock the 
boat any, but that is a pretty weak excuse.  There has to be more to it 
than some idiot's broken email server that drove you to that decision.

Fortunately, in the internet realm, we don't have to work to the least 
common denominator of systems out there.  If there's a broken system, 
then they are the one with the problem, not everyone else.


SPF's only goal was to provide a means toward ensuring that the email is 
originating from an authorized location.  That gives the email 
administrator full knowledge of where email is being sent through.  
Also, SPF is one of those "set it and forget it" things.  It should 
never require constant tweaking or maintenance.  Periodic, maybe..

For folks on the road, there are plenty of workable solutions.  Sending 
email through the local ISP is really a back-door to get around the 
controls put in place more than it is a proper way of working (or "best 
practice").  Provide them with VPN access or allow for them to send 
email out through an email server under your control (via user/pass TLS 
authentication).  The tools and pieces are all there, it just takes the 
time to get it all together and functioning properly.

Besides, what looks more professional: Email from 
user at roaringpenguin.com, or email from user at comcast.com with a reply-to 
set to user at roaringpenguin.com?  That, and, at the very least, you know 
the entire path of the email before it leaves your environment. When 
going through a local ISP, you don't know how many copies are kept or 
eyes are looking over those emails.  And if there is a problem with 
their server (local ISPs make a lot of DUMB mistakes), you're sunk.

It seems like there is more to lose than gain by taking the short route.

I'm no SPF fanatic, but I do believe it is one of the many tools that 
are good to have in that arsenal.

-Rich


