[plug] Sender Policy Framework (SPF)

James Devenish devenish at guild.uwa.edu.au
Wed Sep 8 13:57:42 WST 2004


In message <200409081313.48829.russ at powerstech.com>
on Wed, Sep 08, 2004 at 01:13:48PM +0800, Russ Powers wrote:
> One of the warnings I got was that I had no SPF record. Does anybody
> use spf? Does a mail server need this? What's it's status?

Spammers identify themselves by adding SPF records for their domains. If
you receive an e-mail for which there is an SPF pass or failure, discard
the message ;-)

PS. I'm joking. But, basically, as far as I know, the use of SPF is to
discard messages for which the sender domain has been forged. It does
not tell us whether an e-mail is legitimate, and for the majority of
e-mails it tells us nothing about the e-mail. However, it does at least
allow you to trim back some of your spam. To tell the truth, I haven't
had as many problems with spam being 'passsed' by SPF recently, although
I was definitely experiencing it earlier in the year (I am an SPF
sceptic).





More information about the plug mailing list