AW: AW: SPF Configurations

Andre Engel andre.engel at
Sat Dec 5 14:53:54 CST 2009


> -----Ursprüngliche Nachricht-----
> Von: John R. Levine [mailto:johnl at]
> Gesendet: Samstag, 5. Dezember 2009 01:54
> An: Andre Engel
> Cc: nanog at
> Betreff: Re: AW: SPF Configurations
> >> Right.  The only major mail system that pays attention to SPF is
> >> Hotmail, but there are enough small poorly run MTAs that use it that
> >> an SPF record which lists your outbounds and ~all (not -all) can be
> >> marginally useful to avoid bogus rejections of your mail.
> >
> > For example :
> > [ various large ISPs that publish SPF ]
> Perhaps this is a language problem.  In English, "publishes" is not a
> synonym for "pays attention to."  As I said, you need to publish SPF
> to get mail into Hotmail.  That's why people do it.

As I said im almost german :-)
Some major providers ,1&1 for example, assigned their customers the
"responsibility" to "pay attention on SPF" for getting mails into their
boxes.(decision between suspicious or not)   

> > I know there is a problem so far with forwarded emails but there is
> also a
> > solution :
> > [ hoary SRS proposal to change every SMTP server in the world to make
> them
> > match what SPF does ]
> Sigh.

I do not want to change every SMTP servers in the world. I just gonna show
an useful option .-)

> > Every time a mail arrives that is an SRS address the password and
> timestamp
> > could be checked, and faked or outdated recipients could be rejected.
> You might want to look at BATV, which has nothing to do with SPF, but
> I have found is quite useful for recognizing spam blowback.

Sure ! For instance If your are providing an mail cluster for your customer
bills, a newsletter server or a cooperated
mail cluster and you know that you are sending emails only to receivers
email boxes BATV is indeed a awesome tool.
But if you are performing a shared mail cluster for your webhosting or your
Dial in customers which are using for instance some special kinds of mailing
lists maybe you need a additional solution.

>From a reputation perspective Id like the idea to combine a set of anti spam
tools if it is useful.
Indeed MAAWG is not "the badest place" to learn about.

> R's,
> John
> PS:
> > This message (including any attachments) is the property of FHE3 and
> may
> > contain confidential or privileged information. Unauthorized use of
> this
> > communication is strictly prohibited and may be unlawful. If you have
> > received this communication in error, please immediately notify the
> sender
> > by reply e-mail and destroy all copies of the communication and any
> > attachments.
> Our policy is to send messages with confidentiality notices to all of
> your competitors.

Sure! Im here to learn *** .-)



Andre Engel

Consulting Program Director, 
Email and Cyber Intelligence Services            " space left on the
device/Kein Weltraum links auf dem Gerät"

FHE3 GmbH                                        P: +49 721 869  5907
Scheffelstr. 17a                                 M: +49 160 962 44476 
76135 Karlsruhe

andre.engel at

Amtsgericht Mannheim, HRB 702495
Umsatzsteuer-Ident: DE254677931
Geschäftsführer: Peter Eisenhauer, Michael Feger, Dimitrij Hilt

This email is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

More information about the NANOG mailing list