SPF and MailScanner

Julian Field mailscanner at ecs.soton.ac.uk
Fri Jan 30 10:12:02 GMT 2004

At 10:09 30/01/2004, you wrote:
>On Thu, 29 Jan 2004 18:37:47 +0000, you wrote:
> >On Thu, 2004-01-29 at 18:17, hermit921 wrote:
> >> I read that SPF (Sender Permitted From) is being incorporated into
> >> spamassassin 2.70.  Since the idea is to not accept (reject after HELO
> >> step) any message that fails the SPF test, I conclude SPF can't be used by
> >> MailScanner.  It can be implemented in postfix, exim, sendmail, etc before
> >> MailScanner sees the message.  Is this a correct summary?
> >>
> >SPF is just another means to help determine the likelihood of a message
> >being spam or not.  It is true that many sites may eventually want to
> >use this to block mail, however this is not the only way to use it.
> >SpamAssassin is likely to use it like they use rbls, as a trigger for a
> >score.  So you certainly could use it with SA through MailScanner,
> >although this would not block the mail during the SMTP transaction (but
> >this is the same decision you take if you use RBLs in SA or MS rather
> >than your MTA.
> >
> >That said, if SPF gains widespread acceptance (AOL is testing at the
> >moment I think, which is a good sign) and proves to be workable then
> >using it at the MTA level may be considerably more effective than using
> >RBL's in the MTA, with a much lower incidence of false positives (which
> >will invariably be caused by bad system administration of the senders
> >domain).
>Just read a good piece in NANAE about reasons why SPF will not going to
>work. At least for a whole lot of people and (small) bussinesses.
>Eventually you would have to include all IP-addresses in the list from
>where your domain can be used to send e-mail. Or restrict the use (and
>ease) of e-mail.

I have yet to see a solution to the problem that actually will work in real
life. SPF requires me to keep track of all the IP addresses of every
outgoing-mail-server used by BTInternet, for example.They change their
setup (for maintenance or whatever) and all of a sudden all my mail is
rejected. Yeah, great idea :-(

People need to think a whole lot harder about solutions to this, SPF ain't it.
Julian Field
MailScanner thanks transtec Computers for their support

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

More information about the MailScanner mailing list