[Mimedefang] md_check_against_smtp_server and md_graphdefang_log
David F. Skoll
dfs at roaringpenguin.com
Tue Mar 26 22:02:28 EDT 2013
On Tue, 26 Mar 2013 15:42:42 -0700 (PDT)
kd6lvw at yahoo.com wrote:
> > SPF is completely useless in the following sense: Rejecting mail
> > because of SPF "fail" will absolutely cause valid mail to be
> > rejected. You (and I) may say "Tough luck for domains that publish
> > broken SPF records", but for some reason our customers don't see it
> > that way.
> Broken SPF records do not generate a "fail" response.
You misunderstand. I mean that an SPF record is "broken" if it
specifies "fail" for a valid sending host.
> I do say "tough luck" for otherwise valid mail rejected by an SPF
You do not have to explain yourself to tens of thousands of customers,
correct? In our anti-spam software and service, we recently
implemented a policy decision that ignores sender and domain
whitelists on SPF "fail" or "softfail". We've had endless complaints
about this! We're not even blocking such mail; we're just *not*
allowing it to be whitelisted, and still people complained. (So we made
it possible to turn off the policy.)
> I pay for my own mail by use of the bandwidth I pay for, and I have
> users other than just me in my domains.
Do they pay you to provide service? In principle, I agree with your
approach, but it's doomed to failure in the real world. The real
world is a mess and sticking to strict, pristine principles of email
delivery quickly means you'll have no paying customers.
More information about the MIMEDefang