On 5/3/2012 1:16 PM, Prabhpal S. Mavi wrote: >> 1. SPF was not designed to be used this way. It is doubtful that anyone >> has written anything that even remotely considered this option in use. >> You will likely have to write it yourself. >> >> 2. SPF is still in RFC testing, so it is not yet a full internet >> standard. And once it is, the standard still does not condone using it >> the way you intend. IOW, there is nothing in the standard that states >> you must have a SPF record to be a legit email domain. Basically, you'll >> have a broken mailserver. We are actually stuck with having to take ours >> off for the moment as one 'service' we use demands sending email from >> their mailservers using our email address and they still have no SPF >> record. >> >> If you do this, most likely you will not get around 90% of the good >> email as SPF is not widely used as of yet. But I guess if you are only >> interested in receiving email from a few 'known' domains... it could >> work. Seems it would be easier to just blacklist all and whitelist the >> few? If it is just for internal... perhaps a webmail system with no >> outside email ability would be the way to go? > Dear Hilton. J > > Thanks for your advice, i actually know this. what would you say about > those who put there efforts to implement SPF. why they do it? I have been on the SPF list since before Microsoft just about killed it. SPF is perhaps the most misunderstood function in the email world. It is not a spam filter. The SPF website will tell you that very early on. It is quite simply this. It is to battle domain spoofing. Or, to battle the use of a legit domain in a from address sent by a spammer woh has no rights to use that domain name. It is and always will be voluntary, as some domains simply cannot implement it. Their systems are too complex and the TXT record in bind won't allow enough characters. There are some other good reasons to not use it... or good situations where you are forced to not use it. Either way, it is simply a statement to the world that email from my domain should be coming from these IP addresses and that is all it is. The receiving end can choose what to do with that information. There is a gray area between it being called a spam filter or not... The SPF folks won't let you call it a spam filter. It can do a really good job of avoiding finding your mailbox full of bounce messages, but that will only be reduced by the number of systems which did SPF checks. Ultimately, I think it will be a great thing, much like RevDNS is now, but we couldn't really get hard core on RevDNS until most of the major providers did. If you can't send email to AOL, Comcast, Netscape, Gmail and so on, then why should you be able to send to me? If you are planning to run a legit world facing email server, planning to use SPF as you are will make it a very broken system and it will not be anywhere near RFC compliant. Best, John Hinton > > Thanks / Regards > Prabh S. Mavi > > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos -- John Hinton 877-777-1407 ext 502 http://www.ew3d.com Comprehensive Online Solutions