Author: Martijn Grooten Date: To: users Subject: Re: [bitfolk] Email - getting out of spam filters
"On Thu, Aug 1, 2013 at 9:00 AM, Phil Stewart wrote: > On 30/07/2013 18:21, Jan Henkins wrote:
>> You also have "~all" which is a soft-fail (handy for
>> testing, but pointless for production), and "?all" which is neutral
>> (utterly pointless IMHO).
>
> If you think that's bad, then consider that there are a significantly
> non-zero number of domains that actually explicitly use +all, which as far
> as I'm concerned is tantamount to declaring 'all spammers in the world may
> use my domain freely'.
I agree that +all seems rather pointless - sounds like ticking the SPF
box at best.
But both ~all and ?all are being actively used, by domains such as
paypal.com, linkedin.com and google.com - three domains that are very
prominent victims of from-address spoofing.
In theory, the ability of SPF to tell recipients that they can safely
drop all email claiming to come from your domain that doesn't come
from a handful of listed IP addresses sounds great - and it that
context ?all and ~all seem pointless for anything but testing.
In practise, it turns out to be pretty hard to know which addresses
email is being sent from from. Which is why ~all ("anything received
from IP addresses not listed probably didn't come from us, but we
can't be sure") and ?all ("we can't say anything about email received
from IP addresses not listed") come in handy.
SPF is mostly used in scoring - that's probably the reason behind the
odd behaviour noticed by the OP. ?all and ~all allow a receiving spam
filter to slightly reduce the spam score for emails received from
listed IP addresses, without having it drop anything else.
