On SPF Records

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Heigh-ho AWW,

Many, many moons ago, when my host first allowed the application of SPF  
records to domains, I was eager to sign up; doing my personal  
spam-fighting duty.  I carried the record for a few months, but every now  
and then I would get the worry that my mail was being blocked somewhere  
because I mis-wrote the record.  I hadn't mis-wrote it, but you know how  
these things are...

Then came the articles declaring that SPF was evil.  
for example.  The wave of "peer pressure" eventually led to my deletion of  
the SPF record and for a while all was well.

However, for the past 3 or 4 months now, I have been the victim of "The  
Joe-Job Which Never Ends".  I get three times as many bouncebacks as spam,  
 from rejected emails using forged addresses @greywyvern.com in the From:  
header.  DNS lookups and abuse reporting have so far failed to reduce the  
inflow.  Today I recieved a certain verbose bounceback, and for the first  
time in a long while I inspected it.  It mentioned that the sending IP was  
listed in a RBL, and also that no SPF record was found at my domain.

Because of that, I cannot shake the hypothesis that the email might have  
been silently discarded had I had an SPF record; so today I re-enabled  
it.  We shall see over the coming weeks if this has any effect.

Normally, with any controversial technology I am reluctant to choose  
sides.  When SPF became controversial, I removed my record, and began  
waiting to see which side would win.  Now with my inbox getting pounded by  
emails my host's normal spam filter is not designed to stop, I find I am  
prodded against my will to choose a side in the hopes it will make  
managing my email easier.

Is anyone else in a similar situation?  What are your opinions on SPF, and  
do you think it will actually be any help?


Re: On SPF Records

On Fri, 27 Jan 2006 12:05:22 -0500
Quoted text here. Click to load it
SPF has not been adopted broadly enough to provide any real benefit. I concede
that I am dubious of all FUSSP du jour schemes. Many of these are primarily of
benefit to main sleaze spammers.

                    Displayed Email Address is a SPAM TRAP
           Eliminate Spam: http://www.TQMcube.com
          Multi-RBL Check: http://www.TQMcube.com/rblcheck.php
            Zombie Graphs: http://www.TQMcube.com/zombies.php

Re: On SPF Records

Hi Grey -


Quoted text here. Click to load it

SPF does nothing to stop spam directly, only to stop forgeries.  I
have not added SPF TXT records to my zone files nor do I intend to.  I
also have not implemented SPF checking of incoming email.

http://www.ke9nr.net /

Re: On SPF Records

Fleeing from the madness of the GreyWyvern.com jungle
and said:

Quoted text here. Click to load it

How the-devil are you?

Quoted text here. Click to load it

I did look into it a while back - the article referenced was the key to  
discarding it, primarily because of the points raised beginning here:  

Quoted text here. Click to load it


btw: Sounds like you're running a catch-all alias @greywyvern.com - which  
will have several negative effects including ...

first (as you probably know), all garbage to greywyvern.com is actually  
delivered and processed by your mail server - including all those joe-job  

second (which you may not know), when queried your mail server will  
acknowledge that any-old-name[at]greywyvern.com is a valid alias to any  
remote mail server that cares to ask (mine does) when deciding whether to  
process incoming mail from your domain.

William Tasso - I was looking back to see, if she was looking back to see,  
if I was looking back at her.

How To Usenet: http://williamtasso.com/usenet/ - prove I'm wrong.

Site Timeline