Mailing List SIMS@mail.stalker.com Message #15560
From: Bill Cole <listbill@scconsult.com>
Subject: Re: SPF Record
Date: Wed, 24 Oct 2007 00:02:24 -0400
To: SIMS Discussions <SIMS@mail.stalker.com>
At 7:53 PM -0400 10/23/07, lcs@spellnetwork.com wrote:
Is anyone using an SPF record in SIMS?  Is it working for you?  If so, where did you enter the info?  I am getting a lot of spam that is spoofing the real users on my SIMS box.

SIMS development was abandoned about a year before the first Internet Draft in the strange ancestry of SPF, and it was another year after that before a grammar largely compatible with the final SPF definition was described in the draft spec.  SIMS cannot check SPF records and act on mail depending on the SPF check result, because SPF was created after SIMS 'died.' In short: SIMS has absolutely no awareness of SPF and never will.

That said, the hypothetical use of SPF to reduce 'blowback' has nothing to do with what mail server software happens to be handling inbound mail for that domain. SPF is implemented as a special TXT record in DNS that tells the world where mail claiming to be from email addresses in a domain should actually be coming from in a network sense. As a DNS record, an SPF string would not be entered into a mail server of any sort, but rather would be something to feed a DNS server.

I have had a SPF record (a serious one ending in '-all') on my heavy-blowback domain for about 3 years and if a lot of places were seriously paying attention to SPF, I should have seen some of the negative side-effects of that. I have not. That's consistent with what I see in working with larger mail systems: the only use of SPF that is worth the trouble is applying it to patch the gaping hole in whitelisting by sender domain, particularly on heavily-phished domains.


--
Bill Cole                                  bill@scconsult.com

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster